In a new article, we present the first empirical study of the gender gap within the network of lawyers who lead IPO advisory work (the “IPO Attorney Network). Analyzing thousands of lawyers across 8,358 IPOs from 2000-2021, we document the persistent and systemic exclusion of women from one of the most lucrative and influential corners of legal practice.

We analyze the IPO Attorney Network from the perspective of social network analysis—a method long established in the social sciences but still novel in legal scholarship. Drawing on prior work by two of us, we argue that the number and quality of an attorney’s connections offer a concrete measure of access to information, mentorship, and influence; a deficit of links reflects a deficit of opportunity. Network analysis allows us to capture not merely how many women participate, but where they sit within the web of relationships that drives the field.

Data and Methods

We built a dataset of every IPO in the United States from January 2000 through December 2021 and hand-collected information from the Forms S-1 filed in the SEC’s EDGAR system—capturing the issuing company, the law firms and individual lawyers advising issuers and underwriters, in-house general counsel, and office locations. The result is a corpus of 8,358 filings and 5,905 distinct attorneys. We inferred a professional relationship between any two individuals who appeared together on the same S-1, and estimated gender using an established gender-inference tool, reporting all results in anonymous form. Alongside simple participation counts, we measured each attorney’s position with standard network metrics. The study is deliberatively descriptive: It maps the gap and its contours, leaving causal inference to later work.

Findings

Our study finds a persistent gender gap in the IPO Attorney Network and suggests that the network itself helps reproduce women’s exclusion from positions of influence at elite firms.

First, the gender gap is large and strikingly persistent. Across the full network, just 18.56% of attorneys are women. The average proportion of women advising on IPOs hovered around 19% over the same period and, remarkably, was essentially the same in 2021 as in 2000. The high-water mark came early, in 2002, at roughly 20%; by 2021, women were only about 15% of the network. That stagnation is notable given that the share of women partners at law firms rose nearly 10 percentage points over the same years. The centrality data tells the same story: Over time, far more men than women become the highly connected lawyers at the network’s core.

Second, the gap differs by the type of IPO. IPOs of Special Purpose Acquisition Companies (SPACs)—a form of legal innovation that boomed in 2020-21 and received heavy criticism over conflicts of interest, inflated valuations, and weak investor protection—drew even fewer women. In 2021, women were just 11% of the lawyers advising on SPAC transactions, compared with 20% on traditional IPOs. The underrepresentation of women in a higher-risk and arguably less salutary form of innovation echoes prior research on gender and risk-taking.

Third, representation differs sharply by law firm and by side of the deal that the law firm represents. Firms advising issuers had a female proportion of 16%; those advising underwriters, 12%. The variation among elite firms is striking. Among the top issuer-side firms, K&L Gates’ IPO teams were 51% women, Simpson Thacher’s 28%, and Cooley’s 22%, while Ropes & Gray stood at just 6%. Among top underwriter-side firms, Simpson Thacher (22%), Davis Polk (21%), and Cravath (20%) led, while Sidley Austin trailed at 6%. The gap is pronounced at some of the most elite firms. For example, only 10% of Latham & Watkins’ issuer-side IPO lawyers, and 7% of its underwriter-side lawyers, are women. These differences suggest that firm- and team-level norms, cultures, and hiring pipelines matter.

Fourth, female general counsel did not move the needle. Women’s participation in the general counsel offices of issuers was as high as, or higher than, among issuer’s counsel—yet we found no evidence that the presence of women general counsel predicted greater female participation on the advisory teams.

Fifth, geography matters—at least on the issuer side. IPO practice is heavily concentrated at firms on the coasts, and the proportion of women rises when deals are handled at other firms. Between the two dominant markets, New York teams advising issuers had significantly lower female representation than their California counterparts; for underwriter-side teams, we found no significant geographic difference.

Sixth, women fall behind in network resources as their careers progress. Tracking the most connected attorneys over time, we found that men’s personal connections, the connectedness of their professional “neighbors,” and the share of women in their networks all grew at more than twice the rate seen for women. Among the 50 most central attorneys in the network, women remained a small fraction of those individuals’ connections. Measured by degree centrality (a count of how many connections an attorney has), the share of women crept only from 16% in 2000 to 18% in 2021, and by eigenvector centrality (a spectral measure that captures the extent to which an attorney is linked to highly connected attorneys) it actually declined slightly. The low proportion of women in the subnetworks of highly connected attorneys reveals a key challenge for greater gender equality in transactional practice. This matters because junior lawyers typically gain entry when a highly connected attorney brings them into the circle—and highly connected lawyers simply do not have many women in their networks to bring along.

Implications

Our findings arrive amid intensifying attacks on diversity and inclusion efforts at law firms, and we argue that our study has important implications as law firms assess their strategies for creating opportunities for all lawyers. On one hand, the sheer durability of the gap—through two decades in which women neared half of all law students and associates—raises hard questions about whether familiar approaches like recruitment programs, diversity training, and affinity groups have meaningfully changed elite transactional practice. On the other hand, the slow progress that did occur counsels strongly against abandoning these efforts: Doing so risks widening, not closing, the gap.

The network perspective also points toward more structural, less identity-based reforms. The first targets what Nobel laureate Claudia Goldin calls “greedy” work—the long, inflexible, and unpredictable hours that command outsized rewards and disproportionately push out those with caregiving responsibilities. Substitutable staffing models, required paid family leave, and durable flexibility of the kind firms briefly embraced during the pandemic could ease those penalties. The second is mentorship and sponsorship that reaches women. Firms too often rely on “natural” relationships that leave women and lawyers of color behind or relegate mentoring itself to the uncompensated “office work” disproportionately shouldered by women. Because cross-gender mentoring benefits mentees, mentors, and firms alike, we urge engaging all leaders and holding them accountable, including through structured work allocation and deliberate succession planning, rather than relying on identity-based programming alone.

Above all, our study underscores the need for transparency. The gap we document has until now gone largely unmeasured and undisclosed, obscured by firms’ broad and unquantifiable commitments to diversity. Meaningful disclosure would let clients, recruits, and firm leaders themselves measure progress rather than rely on rhetoric.

Afra Afsharipour is the John D. Ayer Professor of Law at the University of California, Davis, School of Law. Kristina Bishop is a research economist at the Kem C. Gardner Policy Institute of the University of Utah. Matthew Jennejohn is the Rulon and Marion Earl Professor of Law at Brigham Young University’s J. Reuben Clark Law School. This post is based on their article, “The IPO Gender Gap,” available here.

Many of you in this room are aware that Polish-born individuals played key roles in making the American revolution possible.  Among those who helped America secure our independence were Thaddeus Kościuszko and Casimir Pulaski.

Kościuszko, a military engineer, arrived in America in 1776 to offer his services to the Continental Army.  Commissioned as an officer, he helped design the fortifications at Saratoga and West Point, which played an important role in turning the tide towards American victory.[2] Today, he is buried not far away from here in Kraków at Wawel Cathedral and honored in the United States with a national memorial in Philadelphia.

Pulaski, a Polish nobleman, was recruited to the revolutionary cause by Benjamin Franklin.  He helped bring organization and proper training to the Continental cavalry and became known as the Father of the American Cavalry.[3] He gave his life in 1779 to the cause of American independence during the Siege of Savannah.[4] Pulaski is also honored in the United States with an annual day of commemoration in Chicago and a monument in Washington, D.C.

The ties between the United States and Poland have continued to endure across the centuries.  Since the fall of the Berlin Wall, Poland has become one of Europe’s most consequential democracies.  It has transitioned from a communist system to embracing free markets and democratic governance. Its commitment to free enterprise, capitalism, and the rule of law has contributed significantly to Poland becoming one of the fastest-growing economies in the European Union.

The U.S. Declaration of Independence spoke of the “pursuit of happiness.”  I view that phrase as encompassing the freedom to choose your occupation, start a business, place your capital at risk, and reap the rewards—or absorb the losses—of your own decisions.[5] It includes the opportunity to compete in a marketplace for goods, services, labor, and ideas.  In so doing, it facilitates economic growth, jobs creation, and innovation.

A Nation of Owners

The idea that liberty includes economic freedom is not merely an American ideal.  The leaders of Poland believed in the same idea at the end of the Cold War.  In 1990, Lech Wałęsa took office as Poland’s first democratically elected president since 1926.  In his inaugural address, he set out a goal that Poland should become a “nation of owners.”[6] He understood this as the surest way to rebuild the nation’s wealth and restore economic efficiency and called for practical changes, including privatization, an independent state treasury, and reform of the banking and credit systems.[7]

Think about this moment in history.  It was about turning a communist economy into a free market one.  The phrase a “nation of owners” conveyed a concrete meaning.  For two generations, ordinary people did not own or hold a stake in anything.  All property was the property of the state.  A free-market economy cannot suddenly be switched on like a machine, but must be built over time and based on the decentralized decisions of businesses and households, influenced by prices and local knowledge, to produce and consume.

Wałęsa’s vision was ownership in the fullest sense where families would hold a stake in Poland’s economy and business enterprises would be built, owned, and grown by their founders, rather than by the government.

Chairman Breeden’s 1990 Project and the Continued Partnership

However, without risk capital, the notion of owning and creating a private business remains only a dream.  It is the capital markets where those dreams can become reality.  They are where companies can raise what they need to grow and innovate, and where the people of a country can share in that growth. The question facing Wałęsa was how to build them.

That conversation began in 1990 between the U.S. Securities and Exchange Commission (“SEC”) and the emerging democracies of Eastern Europe.  Then-SEC Chairman Richard Breeden delivered a speech before the Los Angeles World Affairs Council on the internationalization of securities markets, and much of his focus was on this region.[8] Poland, he reported, had asked the SEC for technical assistance on trading systems, the clearance and settlement of transactions, the licensing of market personnel, and enforcement.  Hungary was about to reopen the Budapest Stock Exchange after 48 years of closure, and Poland was preparing to establish a stock exchange of its own.  That February, a Soviet delegation had visited the SEC to learn how to build capital markets.  Chairman Breeden called it “our Berlin Wall crumbing” for those in the securities field.[9] For Chairman Breeden, helping these countries build free markets was the “right thing to do” and a form of person-to-person foreign aid.

The SEC backed that vision with people and a program.  In 1992, drawing on funding from the Support for an Eastern European Democracy Act,[10] the Commission placed a senior advisor inside the Polish Securities Commission for a year, where the advisor helped refine the country’s securities laws.[11] These efforts would eventually reach well beyond Warsaw. In 1991, the SEC held its first International Institute for Securities Market Development, a signature initiative of Chairman Breeden that continues to this day and has trained thousands of regulators from over 100 countries.[12]

CEE Success Since the Cold War

What Central and Eastern Europe have achieved since 1989 is one of the great economic stories of the modern era.  Across the region, growth has been remarkable.  Since 1990, GDP per capita in countries like Poland and Hungary has grown many times over—more than fifteen times and eight times, respectively.[13] The transformation of capital markets has been just as striking.  The number of publicly listed domestic companies in Poland grew from just nine in 1992 to around 750 today, and the market capitalization of those companies has risen from about $4.5 billion in 1995 to more than $300 billion now—from around 3% of GDP to over 20%.[14]

This growth has occurred throughout Central and Eastern Europe, at different paces but along similar institutional lines. The drivers have included trade, foreign direct investment, accession to the European Union, and institutional reform.  Banks, both foreign and domestic, played an important role in financing that early growth—but the next step depends on capital markets in a way the early stages did not.

The Next Stage of Growth Needs Capital Markets

The financial markets can be particularly effective at allocating capital—a scarce resource—among competing ideas.  They draw on many investors with differing appetites for risk, liquidity, and investment horizons, so they offer the ability to finance even the riskiest, most innovative ideas, in a way that bank lending cannot.  In a bank-dependent economy, the most innovative ideas, which are often the riskiest, can struggle to take hold.  In the United States, by contrast, new businesses can access a multitude of sources for finance, including venture capital, angel investors, and crowdfunding.  Those investors actively seek risk and share in the upside, so the most disruptive ideas get backed more often.  However, the risk of failure can be significant.  Banks, by their nature and the deposits they hold, are not intended to take that kind of equity risk, which is why the capital markets play a crucial role.

In 2024, former European Central Bank President Mario Draghi released his report on European competitiveness.  Europe’s capital markets, he found, remain fragmented, and the flow of savings into them is lower than other major economies—only about 5% of global venture-capital funds are raised in the EU, compared to 52% in the United States.[15] While European households save more than American households, their savings are generally not channeled into higher risk, higher return investments.[16] The result, in the report’s words, is that the EU “relies excessively on bank financing, which is less well-suited to fund innovative projects,” with banks “ill-equipped to finance innovative companies,” lacking the expertise to assess them and the means to value their largely intangible collateral.[17]

The pattern is even sharper across Central and Eastern Europe. The banking sector dominates the financial system of most countries in the region, and households hold a higher share of their financial assets in cash and deposits than the EU average—including in Poland, where households hold over half their financial assets in cash and bank deposits.[18]

Europe has recognized the need for change.  The European Commission’s Savings and Investments Union seeks to transform the roughly €10 trillion of EU household savings currently sitting in low-yield deposits into capital investment in firms that drive economic growth.[19] In Poland, the proposed Personal Investment Account—the OKI—aims to move savings into capital markets by offering tax-free returns on assets up to a certain amount.[20] These are meaningful steps toward unlocking the potential of capital markets.

At the same time, Europe is moving to ease the burden on business.  After launching its “Omnibus” simplification effort in 2025, the EU adopted a directive this past February that narrows two of its most demanding sustainability mandates—the Corporate Sustainability Reporting Directive and the Corporate Sustainability Due Diligence Directive.[21] Framed as a matter of competitiveness, it raises the thresholds so that far fewer companies are covered and extends the compliance date for the due-diligence obligations to 2029.[22]

The SEC has been making similar adjustments in the United States.  Several weeks ago, the Commission proposed to rescind its own climate-disclosure rule and return to financial materiality as the test on what must be disclosed.  This is a reminder that financial regulation must focus on improving market quality and efficiency, not as a tool to achieve political and social goals in areas where legislatures and governments have failed to act.  Disclosure serves investors and the markets best when it is tied to financial materiality and where the benefits of such disclosure outweigh the costs to produce such disclosure.  I particularly worry about regulatory requirements that place the heaviest burden on smaller and newer companies, which may dissuade such companies from going public at all.

That points to a larger truth: capital does not stand still.  When regulators fail to provide an optimal framework, market participants do not wait around—they go to where the rules work, and when they do, investors lose and competition suffers.  The best way to keep capital at home is not to wall it in, but to build markets worthy of investors.  This work is on-going in the United States as well.  Over the past year, the SEC has reviewed its core disclosure rules to refocus them on what is financially material, to modernize the registered offerings process, and to expand accommodations for smaller and newer companies.  The goal is to have regulations that create-on ramps to more public companies, not obstacle courses.

Conclusion

To close my remarks, I would like to express my sincere appreciation to the Catholic University of America for its dedication and efforts to facilitate closer ties between Poland and the United States.  Millions of Americans have ancestral ties to Poland.  Yet, for the duration of the Cold War, opportunities for person-to-person exchanges between our two countries were nearly non-existent.

I hope that the next chapter of Poland’s will be shaped, in part, by a deepened connection between the Polish and American people, including in business, government, and education.  Investments in the capital markets will be one element of that connection.  Thirty-five years after this region’s new start of freedom and opportunity, I look forward to watching this important partnership grow to new levels and achieve the mutual benefits that it will bring to our respective nations.  Thank you.

In a new paper, we show that, historically, the least disruptive answer by far would have also been one of the simplest: If the funds had mirrored how every other shareholder voted. Over the past 20 years, that single change would have altered the outcome of a shareholder vote just 12 times out of nearly 645,000.

The fight is no longer hypothetical. In November 2025, the Wall Street Journal reported that the White House was drafting an executive order to curb proxy advisers’ influence over corporate elections and to require large index-fund managers to “mirror” their clients’ votes—to cast the fund’s shares in the same proportions as the investors who choose to vote them. (The order issued the following month as Executive Order 14366.) Three weeks later, Congress reintroduced the INDEX Act, which would go further still: The largest fund families would have to pass their votes through to the investors who submit instructions and, for the shares whose owners stay silent, cast them in proportion to how the rest of the market votes—mirror voting, in the sense we use here. That same year, the SEC granted no-action relief for ExxonMobil’s Retail Voting Program, BlackRock expanded its Voting Choice program to retail investors, and a coalition of state attorneys general opened an investigation into Big Three voting practices.

The debate over these proposals has been almost entirely theoretical. Supporters and critics alike argue from intuition about what each reform would do—who would gain power, whose votes would carry more weight, which outcomes would change. In our paper, we bring data to a debate that has had almost none. We ask a simple counterfactual question: If these reforms had already been in place, what would actually have happened to historical shareholder votes?

We group the live proposals as follows. Mirror voting reassigns the index-fund block of shares to track the vote of some other group. Full abstention removes the index-fund votes entirely. Pass-through or voting choice (the Big Three’s voluntary programs) returns the vote to the beneficial owner. Standing voting instructions let owners pre-commit to a policy, such as voting with a designated investor; ExxonMobil’s program implements a single-option version that defaults to the board. Market mirroring reassigns the index vote to the non-indexed shareholders in proportion: If 60 percent of active shareholders vote in favor of a proposal, the index block records 60 percent as in favor.

Each version hands the indexed shares to a different decision-maker. That makes them comparable on the historical record and lets us ask which assignment changes the fewest outcomes and imposes the least bias.

We use 20 years of ISS Voting Analytics data, covering more than 600,000 agenda items at 9,451 firms from 2005 through 2025, and re-tabulate each vote as it would have come out under each reform.

Market mirroring barely changes anything. Had index funds mirrored the non-indexed vote across all 644,954 items in our sample, the outcome would have changed just 12 times—about one vote in 50,000. By comparison, full abstention would have flipped 1,996 outcomes, roughly 166 times as many, and an Exxon-style rule that defaults retail shares to management would have flipped 1,439. Rules that hand the index vote to management or require adherence to a proxy adviser’s recommendation move two orders of magnitude more outcomes than market mirroring.

The 12 flips share a common signature. Not one is a director election or a proxy-fight item; all 12 occur on contentious items where a proxy adviser disagreed with management, precisely where the informed, non-indexed vote carries the most signal. Ten of the 12 are pro-management, but that skew reflects how non-indexed shareholders voted on those items, not anything built into the rule. Among the four reforms, market mirroring is the only one with no thumb on the scale by design.

The same picture holds for vote margins, not just flipped outcomes. Mirroring occasionally shifts a margin by several points—the largest single shift across all 644,954 items is eight percentage points—but those movements almost never come near changing a result. Only 22 items move by more than five points, and the eight-point outlier is not one of the 12 that flip.

Not every reform is so benign. Full abstention does not just change outcomes; it can make meetings fail. When index-fund shares disappear from the count, roughly one shareholder meeting in 10 in our sample would have fallen below its quorum threshold. Market mirroring, by construction, casts a ballot on every eligible item, so it never raises that problem.

Critics of mirror voting have raised several theoretical concerns, and we apply each to the data. First, the worry that low non-indexed turnout would let an unrepresentative minority dominate (minority amplification) shows up barely at all: the flip count is flat across turnout deciles, and even the lowest-turnout votes move margins only marginally. Second, the worry that a small activist stake would swing the mirrored block (activist amplification) finds no support: Zero director elections flip, and margin shifts in contested settings stay a fraction of a point. Third, the worry that supermajority bylaws would distort mirrored votes (threshold distortion) touches just five of more than 7,000 supermajority items, all comfortably far from their thresholds. In each case, the mechanism critics feared is real in theory but tiny in the historical record.

To be sure, our estimates are static. We re-tabulate the votes that were cast; we do not model how investors might change their behavior if mirror voting became the rule, an equilibrium question we leave for future research. We measure two things: how much each reform would have disrupted historical outcomes, and how much directional bias each carries. On both, market mirroring is the least intrusive of the four.

That is not an argument that mirror voting is the best reform, and we do not make one. Which proposal to adopt also turns on selection bias, capture, and drafting risk, considerations we do not weigh here. For two decades this debate has run on intuition; we supply the measured magnitudes it has lacked.

Edwin Hu is an associate professor at the University of Virginia School of Law. Robert E. Bishop is an associate professor at Duke University School of Law. Frank Partnoy is the Adrian A. Kragen Professor of Law at the University of California, Berkeley, School of Law and a research member of the European Corporate Governance Institute (ECGI). This post is based on their recent paper, “Mirror Voting,” available here.

• What’s new: The EU and CPTPP countries have agreed to accelerate work toward a digital trade agreement covering e-commerce, cross-border data flows and data localization for a combined economy of $35 trillion and 1.6 billion people.
• Why it matters: For multinationals operating across the EU and Asia Pacific markets, the initiative signals a shift toward a multibloc digital governance environment, with implications for data transfer architectures, cloud strategies, AI deployment and cybersecurity compliance.
• What to do next: Companies should consider monitoring developments and prepare for a potential shift in the regulatory architecture governing cross-border data, AI and cybersecurity, including by mapping data transfer mechanisms, assessing cloud strategies and elevating digital trade risk to board level.

Key Points

• On March 27, 2026, at the 14th WTO Ministerial Conference in Yaoundé, Cameroon, the EU and CPTPP countries agreed to accelerate work toward a digital trade agreement covering e-commerce, cross-border data flows and data localization for a combined economy of $35 trillion and 1.6 billion people.
• The EU has already concluded digital trade deals with several CPTPP members, including Chile, Japan, New Zealand, Singapore and the U.K., providing a road map for a broader agreement.
• Key differences between the two parties’ existing approaches to digital trade will be central to negotiations, including the treatment of personal data as a “policy objective” in the CPTPP versus a “fundamental right” in the EU, the breadth of security exceptions, and the scope of financial services data rules.
• For multinationals operating across the EU and the Asia Pacific markets, the recent initiative signals a shift toward a multibloc digital governance environment, with implications for data transfer architectures, cloud strategies, AI deployment and cybersecurity compliance.

What Has Been Agreed (and What Is to Come)

On March 27, 2026, ministers and representatives of the Comprehensive and Progressive Agreement for Trans-Pacific Partnership (CPTPP) and the European Union released a Joint Ministerial Statement (the Joint Statement) on the sidelines of the 14th World Trade Organization (WTO) Ministerial Conference (MC14) in Yaoundé, Cameroon. The parties committed to cooperating on trade diversification, supply chain resilience, digital trade and the global trading environment, and instructed senior officials to develop work plans.

The Joint Statement is a commitment at the level of a memorandum of understanding (MOU) and does not contain any binding language. Nevertheless, the statement signals the parties’ intent to establish an EU-CPTPP digital trade agreement that would set common rules on e-commerce, data flows, and data storage. Canada’s minister of international trade characterized the prospective agreement as potentially “the largest trading agreement in civilization.”

The broader context makes the timing notable. MC14 ran nearly two days past its scheduled close, failing to finalize key texts on WTO reform and fisheries subsidies. Most significantly, WTO members failed to renew the Moratorium on Customs Duties on Electronic Transmissions, a longstanding agreement first adopted in 1998 that bans customs duties on digital downloads, streaming and other electronic transmissions. Sixty-six WTO members subsequently agreed to put the moratorium into effect on an interim basis outside the WTO framework, reflecting a shift toward coalition-based rulemaking when multilateral consensus proves elusive. Against this backdrop, the EU-CPTPP initiative represents a broader exercise in coalition-building aimed at preserving rules-based trade amid a fragmented WTO.

Likely Scope: Data Flows, Localization, Source Code and AI

The existing treaty texts of the CPTPP and the EU’s five trade agreements that contain digital trade provisions — the EU-Singapore Digital Trade Agreement (EU-Singapore DTA), EU-Japan Economic Partnership Agreement (EU-Japan EPA), EU-New Zealand Free Trade Agreement (EU-New Zealand FTA), EU-Chile Advanced Framework Agreement (EU-Chile AFA) and EU-UK Trade and Cooperation Agreement (EU-UK TCA) — provide a picture of the likely contours of a combined framework.

Cross-Border Data Flows and Localization Bans

The CPTPP and the EU bilateral instruments start from the same premise: Digital trade rules should limit parties from using data localization requirements as a condition of doing business.

The CPTPP does this through two principal commitments in Chapter 14 (Electronic Commerce). Article 14.11 requires parties to allow cross-border transfers of information, including personal information, by electronic means when the activity is for the conduct of a covered person’s business, and Article 14.13 separately prohibits a party from requiring a covered person to use or locate computing facilities (such as servers, data centers and related network elements) in its territory as a condition for conducting business.

Parties are permitted to derogate from these obligations for legitimate public policy reasons, provided the measure is not applied in an arbitrary or discriminatory way, is not a disguised restriction on trade and is not more restrictive than necessary. As discussed below, these obligations are also subject to an “essential security” exception and other general exceptions. Importantly, both obligations apply only to “covered persons,” a category defined in Article 14.1 that does not include “financial institutions” as defined in the CPTPP’s separate Chapter 11 (Financial Services). The CPTPP therefore does not categorically prohibit cross-border data flow restrictions or localization measures applied to financial institutions through Chapter 14; data-related obligations for financial institutions are instead addressed through Chapter 11, which is discussed below.

By contrast, the EU bilateral agreements are more specific about the forms of localization, and the forms of cross-border data transfer restrictions, that they prohibit. For example, the EU-UK TCA, EU-New Zealand FTA and EU-Chile AFA each prohibit four specific categories of restrictions on covered cross-border data flows — i.e., measures that:

• Require the use of local computing facilities or network elements (such as in-territory servers, data centers or similar infrastructure) for data processing.
• Require the localization of data (i.e., requirements that data be stored or processed within the party’s territory).
• Prohibit the storage or processing of data in the other party’s territory.
• Make the cross-border transfer of data contingent on the use of local computing facilities or compliance with data localization requirements.

The protocol amending the EU-Japan EPA (the Protocol) extends that list by also prohibiting measures that block transfers of information into a party’s territory or require a party’s prior approval for cross-border transfers of information.

The EU instruments preserve regulatory space somewhat differently from the CPTPP framework. The EU-UK TCA preserves data protection transfer mechanisms of general application; the EU-New Zealand FTA preserves personal data and privacy protections and includes agreement-specific scope exclusions, including for information held or processed by or on behalf of a party and specified Māori-related measures; and the EU-Chile AFA incorporates general, security and prudential exceptions into the digital trade chapter. The EU-Japan Protocol (Protocol) adds an objectively interpreted legitimate public policy exception, preserves personal data transfer instruments of general application and excludes information held or processed by or on behalf of a party.

Financial Services Data

Under the CPTPP, “financial institutions” is a separately defined term that is excluded from the “covered person” definition in Article 14.1, so the digital trade chapter’s cross-border data transfer and localization commitments (Articles 14.11 and 14.13) do not apply to them as such. Data-related obligations for financial institutions are instead governed by the CPTPP’s separate financial services chapter (Chapter 11), which is structured around prudential supervision and contains its own, more limited data-transfer disciplines. As a result, CPTPP parties retain broader latitude to impose data localization or transfer requirements on financial institutions for prudential or supervisory reasons than they do for nonfinancial covered persons under Chapter 14. The scope of any combined EU-CPTPP framework with respect to noninstitution financial-services suppliers will be an important point to monitor.

The EU agreements include a mixture of cross-sectoral and financial-services-specific rules:

• The EU-Singapore Free Trade Agreement (EU-Singapore FTA), which provides the foundation for the EU-Singapore DTA, contains a financial-services-specific rule requiring each party, subject to privacy and confidentiality safeguards, to permit a financial service supplier of the other party to transfer information into and out of its territory for data processing where required in the ordinary course of business.
• The EU-Japan EPA originally included a similar financial-services-specific transfer rule, but the Protocol deletes that provision and instead applies a horizontal cross-border transfer rule to financial-services suppliers, while preserving prudential, privacy and other exceptions.
• The EU-Chile AFA takes a hybrid approach: It brings the provision and transfer of financial information, and financial data processing and related software, within the scope of its cross-border supply of financial services discipline, thereby prohibiting market access and national treatment restrictions on those activities subject to the agreement’s prudential carve-out and confidentiality protections.

Negotiations in this area are likely to focus on whether the digital trade chapter of any combined EU-CPTPP framework will apply to financial services at all (as the EU agreements generally do, in varying ways) or carve them out (as the CPTPP does for “financial institutions”). If the digital trade chapter does apply to financial services, will the resulting rules be the cross-sectoral cross-border data flow and data localization disciplines (subject to prudential and confidentiality safeguards) or a separate set of financial-services-specific transfer provisions? The final landing zone could have significant practical consequences for banks, insurers, asset managers and fintech firms operating across the two blocs.

Source Code and Algorithm Protection

Both the CPTPP and EU agreements prohibit governments from requiring the transfer of, or access to, software source code as a condition for market entry. The CPTPP’s protection covers mass-market software but excludes critical infrastructure. The EU-Japan EPA, EU-New Zealand FTA, EU-Chile AFA and EU-U.K. TCA each include comparable prohibitions, although with varying exceptions for court orders, competition law, intellectual property enforcement and public procurement.

Notably, the EU-Singapore DTA goes the furthest, extending source code protections to algorithms and machine-learning models. The DTA provides certain exceptions to these protections to preserve access or disclosure authority for specified functions — such as investigations, inspections, enforcement actions, judicial proceedings, competition-law remedies, intellectual property enforcement and public procurement — generally subject to safeguards against unauthorized disclosure. As AI-driven business models proliferate, the question of whether forced disclosure requirements extend to algorithms, training data and model weights becomes increasingly consequential. The EU-Singapore approach may serve as a useful template for any combined framework.

Customs Duties on Electronic Transmissions

Both the CPTPP and all five EU bilateral agreements permanently ban customs duties on electronic transmissions. This is the strongest area of convergence, and its significance has been amplified by the lapse of the WTO e-commerce moratorium at MC14. Embedding a permanent ban in an EU-CPTPP agreement would provide a stable floor for digital commerce as the multilateral consensus frays.

Points of Divergence: Privacy, Security Exceptions and Regulatory Frameworks

While there is substantial convergence on digital trade prohibitions and protections, the two models diverge on the conditions under which parties can restrict data flows and on the hierarchy of values that governs derogation. Resolving these differences will be important for any future EU-CPTPP agreement.

Privacy: ‘Policy Objective’ vs. ‘Fundamental Right’

The CPTPP requires parties to maintain a legal framework for the protection of personal information but accords the parties considerable flexibility in how they do so. For instance, CPTPP parties may satisfy the requirement through comprehensive national laws, sector-specific laws or even voluntary enterprise undertakings. When invoked to justify restrictions on data flows, privacy is treated as a “legitimate public policy objective” that must pass a trade-law necessity test. This means that the measure must not be arbitrary, must not be a disguised restriction on trade and must not be more restrictive than necessary.

The EU’s bilateral agreements take a different approach. The EU-New Zealand FTA, EU-U.K. TCA, EU-Chile AFA and EU-Singapore DTA each recognize the protection of personal data and privacy as a “fundamental right.” The EU-Singapore DTA expressly preserves each party’s right to adopt measures for the cross-border transfer of personal data, provided its law includes instruments enabling transfers under conditions of general application. This effectively carves out General Data Protection Regulation (GDPR) adequacy decisions, standard contractual clauses and similar mechanisms. By elevating privacy to the status of a fundamental right, these agreements aim to place privacy measures beyond the reach of trade proportionality tests, a qualitative difference from the CPTPP model.

The EU-Japan Protocol, which is an amendment to the EU-Japan EPA, represents the most pragmatic attempt to bridge this divide. The Protocol recognizes each party’s right to determine the appropriate level of protection for personal data and privacy; encourages adoption of high standards, including those outlined by the Organisation for Economic Co-operation and Development (OECD); and preserves each party’s right to maintain its own cross-border transfer instruments. This concept, sometimes described as “Data Free Flow With Trust” (DFFT), accepts CPTPP-style localization bans while carving out space for EU-style data protection instruments such as adequacy decisions and standard contractual clauses. It may represent the most likely template for a combined framework.

Existing cross-border enforcement infrastructure could also play a role. The Asia-Pacific Economic Cooperation (APEC) Cross-Border Privacy Enforcement Arrangement (CPEA), a voluntary cooperation framework among privacy enforcement authorities across APEC economies, facilitates information sharing and enforcement referrals among several CPTPP members. While the CPEA does not create binding obligations, its operational infrastructure could also provide a practical foundation for interoperability between APEC and EU privacy enforcement mechanisms.

The Security Exception

The CPTPP’s digital trade obligations are subject to the general and security exceptions set out in Chapter 29. This chapter provides an “essential security” exception that allows a party to take any measures that “it considers necessary” for the protection of its essential security interests. This language could be construed as self-judging, in which case the invoking party itself would determine whether the exception applies.

By contrast, the EU’s bilateral agreements include security exceptions, but they are framed in language that echoes Article XXI of the General Agreement on Tariffs and Trade (GATT). GATT Article XXI uses the “it considers necessary” formulation but ties it to enumerated categories: fissionable materials, arms and military supply, measures taken in time of war or other emergency in international relations, and actions under the United Nations Charter. The EU-Japan EPA, EU-Singapore FTA and EU-Chile AFA largely follow this architecture: The self-judging phrase is present but is tethered to defined security categories.

WTO panels have been willing to review the applicability of certain aspects of Article XXI to specific facts. For instance, panels have in some cases been willing to assess whether the challenged measure falls within the treaty’s listed categories and whether it has been invoked in good faith, rejecting the U.S. position that Article XXI is entirely self-judging.¹ Indeed, in recent disputes, panels have declined to accept the invocation of Article XXI where these elements were not satisfied.² Thus, for purposes of an EU treaty, the invocation of a security exception may be difficult to overcome, but it is not entirely immune from scrutiny by a dispute settlement panel.

Given recent WTO panel disputes and wider disagreements with the U.S. over the use (and perceived abuse) of security exceptions to depart from trade commitments, EU negotiators may be reluctant to adopt the CPTPP’s broader self-judging exception. Indeed, although the U.S. ultimately withdrew from what was originally labeled the Trans-Pacific Partnership (TPP), it drove much of the negotiations and provisions that carried into the CPTPP, such as the essential security clause, reflect U.S. drafting preferences. With the U.S. no longer a party to the agreement, there may be greater openness among the remaining CPTPP members to adopt the EU’s narrower approach.

Binding Commitments vs. Aspirational Norms

A further open question is whether an agreement would translate into binding changes in domestic laws and regulations or remain a set of principles and norms. Whether there is appetite for that level of commitment, backed by dispute settlement provisions, or whether the agreement will be more aspirational are some of the most important strategic questions for a possible EU-CPTPP agreement.

Cybersecurity

The CPTPP takes a cooperative approach to cybersecurity, recognizing the importance of building national incident response capabilities and cooperating on malicious intrusions. These are best-efforts commitments, not prescriptive requirements.

In contrast, the EU’s approach is more concrete. Specifically, the EU-Singapore DTA commits the parties to risk-based cybersecurity approaches and consensus-based standards, and the accompanying EU-Singapore Digital Partnership commits to mutual recognition arrangements for cybersecurity certifications where compatible approaches exist on both sides. The EU’s domestic regime, including the Network and Information Security Directive (NIS2) and the Cybersecurity Act, imposes incident reporting and operational resilience standards that go beyond the CPTPP’s cooperative model.

A potential path is mutual recognition rather than harmonization. The EU-Singapore model proceeds in three steps:

• First, it sets a common baseline through digital trade commitments.
• Second, it preserves each side’s domestic regulatory autonomy.
• Third, it uses the Digital Partnership to pursue mutual recognition of compatible standards, including cybersecurity certifications, through future workstreams..

What Companies Should Consider Now

For multinationals with operations spanning the EU and the Asia Pacific regions, the recently announced initiative is a signal to begin monitoring developments and preparing for a potential shift in the regulatory architecture governing cross-border data, AI and cybersecurity. Companies should consider taking the following steps:

• Map cross-border data transfer mechanisms. Companies will want to assess whether their current data transfer architectures are positioned to operate under both CPTPP and EU frameworks, or if a combined framework might create new interoperability challenges.
• Assess cloud and data center strategies. Companies will want to evaluate whether existing cloud architectures can take advantage of any broader harmonization of localization bans and note existing sectoral differences between the CPTPP and the EU agreements. In the financial sector, banks, insurers and fintech companies should therefore track whether any combined framework brings financial data under the localization ban by default or leaves it governed primarily by financial-services exceptions.
• Integrate AI governance with trade restrictions. Emerging protections for algorithms and machine-learning models in the EU agreements signal that AI deployment strategies will increasingly be shaped by trade rules, not just domestic regulation. Companies developing or deploying AI across jurisdictions should monitor whether source code protections extend to training data, model weights or other components of the AI stack.
• Evaluate cybersecurity posture. Companies will want to assess their incident reporting posture against the standards emerging from both frameworks, given the EU’s NIS2 requirements and the possibility of mutual recognition of cybersecurity certifications.
• Elevate “digital trade risk” to the board level. As digital trade frameworks evolve, the strategic implications for market access, data infrastructure investments and regulatory compliance merit attention at the board level, not just within compliance functions.

What We’re Watching

The EU-CPTPP Joint Ministerial Statement instructed senior officials to develop work plans and prepare a progress report for their next meeting. Several developments will shape whether this initiative gains momentum.

• Timeline and form. A critical question is whether the parties will pursue a binding agreement backed by dispute settlement provisions, or a softer framework of principles and norms.
• WTO e-commerce moratorium. The 66-member interim arrangement preserving the moratorium on customs duties is a stopgap. If it cannot be restored through the WTO, embedding a permanent ban in an EU-CPTPP agreement could become even more strategically significant.
• U.S. position. The U.S. is not a CPTPP member, having withdrawn from the original TPP in 2017. Even so, an EU-CPTPP agreement could affect U.S. companies because it may set the operating baseline for data transfers, localization, AI-related disclosures and cybersecurity across markets where many U.S. multinationals sell, host data or rely on regional supply chains. If those standards diverge from U.S. policy, companies may need to build compliance programs around an EU-CPTPP rule set even without U.S. participation.
• Broader geopolitical dynamics. The EU-CPTPP initiative is part of a wider pattern in which trade partners are using regional and bilateral frameworks to fill gaps left by WTO gridlock. For the EU, recent efforts to conclude or advance major trade agreements with Australia, India, Indonesia and Mercosur point in the same direction: building issue-specific coalitions that can set practical rules for market access, resilience and digital governance even when multilateral rules lag.

As the preceding reflects, digital trade governance is no longer a single-jurisdiction compliance exercise. It is a multibloc strategic challenge that touches on data infrastructure, AI governance, cybersecurity and enterprise risk. Companies should continue to monitor developments in this space, including with respect to the EU-CPTPP dialogue, and ensure that they are able to adapt to this rapidly changing environment.

ENDNOTES

1 See, e.g., Panel Report, United States – Origin Marking Requirement, WT/DS597/10 (Dec. 21, 2022); Panel Report, United States – Certain Measures on Steel and Aluminum, WT/DS544/14 (Dec. 9, 2022); Products, Press Release, U.S. Trade Representative [USTR], Statement from USTR spokesperson Adam Hodge (Dec. 21, 2022) (“The United States has held the clear and unequivocal position, for over 70 years, that issues of national security cannot be reviewed in WTO dispute settlement, and the WTO has no authority to second-guess the ability of a WTO Member to respond to what it considers a threat to its security.”)

2 See, e.g., Panel Report, Russia – Measures Concerning Traffic in Transit, WT/DS512/R (April 5, 2019).

This post is based on a Skadden, Arps, Slate, Meagher & Flom LLP memorandum, “The Next Digital Trade Framework: What an EU-CPTPP Agreement Signals for Data, Cyber and AI Governance,” dated June 15, 2026, and available here, 

The proposed rulemaking does not take a step back and consider what is best for derivatives markets.  Rather, the proposal is a pragmatic exercise meant to further the CFTC’s litigation concerning contracts on sporting events and the philosophical views of its current leadership.  The CFTC largely chose this approach when it permitted contracts on NFL games and other sporting events at the outset of the second Trump administration.  These markets have flourished, and now it is hard to put the toothpaste back in the tube as industry expectations have been established around the provision of sports gambling through derivatives exchanges.  What we are seeing is rulemaking catching up with the policy the CFTC instituted through non-enforcement.

As background, there are differing views on the procedural requirements of the Concerning Event Contract Section and CFTC Rule 40.11, which was promulgated under that section.  CFTC Rule 40.11 represents the Obama-era effort of the CFTC to categorically prohibit contracts on Enumerated Subjects.[3]  In the past, the CFTC viewed the Concerning Event Contract section as allowing for ex ante prohibition of event contracts on the Enumerated Subjects.  The current Rule 40.11 prohibits exchanges from listing contracts on Enumerated Subjects.  But under the current Trump administration, it is no longer enforced.  This lapse led to and relates to the litigation the CFTC is involved in with states and tribes regarding its exclusive jurisdiction over contracts traded on derivatives exchanges.  The CFTC has traditionally had exclusive jurisdiction over contracts traded on its exchanges—a congressional choice that in part responds to over a century of efforts to regulate such contracts as gambling under state law.  In the past, however, the CFTC has not permitted overt gambling on its exchanges as to matters such as contracts that settle on the outcomes of sporting events.[4]  When the CFTC allowed exchanges to list sports wagering contracts, state gambling commissions and Native American tribes sued the exchanges.  The CFTC intervened in these suits, arguing that only the CEA governs contracts on derivatives exchanges and seeking to stop state and Native American efforts.[5]

Judges considering state claims of concurrent jurisdiction over derivatives exchanges to the extent they host sports wagering have considered Rule 40.11.  The non-enforcement of that rule has been seen as an argument for concurrent state regulation.  In the proposal, the CFTC seeks to reframe its non-enforcement. The proposal includes evidence that it was not carefully prepared, including in that it (a) does not respond to comments on the preceding Advanced Notice of Proposed Rulemaking that were critical of hosting sports gambling on derivatives exchanges, and (b) includes superficial errors.  The proposal was developed quickly, likely to provide a response to the litigation spread across more than a dozen federal and state courts.

From the time Rule 40.11 passed, critics were skeptical that it was consistent with the language of the Concerning Event Contract Section.  CFTC Commissioner Brian Quintenz offered a leading and thoughtful criticism.  He argued that the Concerning Event Contract Section requires the CFTC to consider the validity of a contract only after it has been filed.  The proposed rulemaking adopts this position, providing an excuse for the CFTC’s non-enforcement of Rule 40.11 under the second Trump administration.

The framework the CFTC proposes for reviewing filed event contracts takes a similarly strategic position.  At the highest level, the framework involves three steps.  First, there is a determination of whether the contract is an event contract. Second, there is a determination of whether the event contract involves one of the subjects listed in Section 5c(c)(5)(C).  And third, there is a determination of whether the covered event contract is contrary to the public interest.  All three questions have to be answered in the affirmative for a contract to be prohibited after being listed.

Procedurally, the proposal gives the CFTC a truncated period to undertake its review.  The statute provides the CFTC with a 90-day review period that can start at any point.  The proposed rulemaking gives the CFTC 10 days from contract filing to initiate a review based on a Commission level (rather than staff level) determination.  After review is initiated, the CFTC has only 15 days to provide the exchange with a relatively detailed, written objection.  And the remaining 75 days of the 90-day period are similarly carved up to reduce the opportunity for the CFTC to muster objections to filings.  The truncated period reduces the CFTC’s ability to cogently challenge event contract filings.  Contracts that are not challenged or are not successfully challenged are viewed as copacetic and become precedent for authorizing similar contracts.

Substantively, the review of contracts is based on factors that the CFTC has chosen strategically.  In some cases (e.g., war, terrorism, assassination), the CFTC considers broader social interests that are nowhere specified in the CEA as I believe an agency should when considering the public interest.  For example, the CFTC considers national security and moral hazard when assessing contracts on war, assassination and terrorism.  It also considers moral hazard when considering contracts that violate state law.  Similarly, when considering event contracts on youth sports and player injuries it considers privacy interests related to minors and health information.  The CFTC demonstrates it knows how to assure that innovation is “responsible innovation” and consider the implications of contracts beyond any statutory rubric.  However, in relation to sports contracts, the CFTC doesn’t consider the social implications of permitting gambling through derivatives platforms.  Indeed, the CFTC does not acknowledge that gambling is socially harmful and that allowing gambling on derivatives markets degrades the stature of those markets and the CFTC.[6]

In considering contracts on sporting events in the proposal, the CFTC focuses on protecting market integrity rather than on the social implications of the market.  Laudably, the CFTC considers the susceptibility of contracts to manipulation, insider trading and other misconduct and is attentive to the resources of exchanges in policing for misconduct.  However, in my view, this does not substitute for attention to the social utility of the contracts.  Moreover, some of the discussion is based on the CFTC’s speculation about the character of information available as to various events (such as outcomes of sports matches and individual player performance), speculation as to the value of information about those outcomes, and speculation about the hedging value of these contracts.  This speculation is baseless, and in many cases likely wrong.  Along the way to its desired outcome, the CFTC has to make some uncomfortable distinctions, such as between contracts on artistic ice-skating competitions and contracts on the outcomes of award shows.

Importantly, the proposal leaves some competitive breathing room for the sports books, and this may be a recognition of the political economy of the contest between exchanges and sports books the CFTC waded into.  Wagers on an individual player’s actions during a match are disfavored under the proposing release.  As a result, only sports books would probably be able to offer this lucrative and popular diversion (e.g., whether a penalty kick is made or a pitcher strikes out a specific hitter).  It remains to be seen how the competition between sports books and other traditional gambling venues, on the one hand, and derivatives exchanges, on the other hand, develops.  It will be interesting to compare sports wagering volumes, revenues, and profits captured by traditional venues and prediction markets over time.  While immunity from state gambling regulation, taxes and licensing fees provides a powerful leg up to derivatives exchanges, this limitation on products they can offer leaves an important competitive advantage to sports books.

An implication of the strategy the CFTC chose in the proposal is worth addressing.  The current CFTC, again, is vociferously arguing against the validity of existing Rule 40.11 and defending the agency’s non-enforcement record.  The rule, as it would be amended by the proposal, allows the listing of all event contracts subject only to ex post CFTC review.  This means, for example, that prediction markets are free to list contracts on whether Emmanuel Macron would be assassinated or someone will set off a bomb in Lincoln Center.  Only if a post-listing CFTC review process finds that the contract is contrary to public interest would the contract be banned.  However, the CFTC has telegraphed in the release that it is highly likely that such event contracts would be found contrary to public interest.  Although the CFTC is seeking to change rules to enable such distasteful contracts to be listed, such contracts are as a practical matter unlikely to survive for very long.  This change is the price of the Trump CFTC vindicating its reading of the Concerning Event Contract Section as permitting only ex post review.  My strong preference is to continue the practice of banning certain contracts on Enumerated Subjects ex ante and I believe even a post-Loper Bright CFTC has authority to do so.

ENDNOTES

[1] Prediction Markets; Public Interest Determinations, 91 Fed. Reg. 35806 (June 12, 2026).

[2] Specifically, the Concerning Event Contract Section provides in relevant part: “(C)Special rule for review and approval of event contracts and swaps contracts:

(i)Event contracts. In connection with the listing of . . . contracts . . . by a [derivatives exchange] the Commission may determine that such . . . contracts . . . are contrary to the public interest if the . . . contracts. . . involve— (I) activity that is unlawful under any Federal or State law; (II) terrorism; (III) assassination; (IV) war; (V) gaming; or (VI) other similar activity determined by the Commission, by rule or regulation, to be contrary to the public interest.

(ii)Prohibition. No . . . contract . . . determined by the Commission to be contrary to the public interest under clause (i) may be listed or made available for clearing or trading on or through a registered entity. . . .

(iv)Deadline.  The Commission shall take final action under clauses (i) and (ii) in not later than 90 days from the commencement of its review unless the party seeking to offer the contract or swap agrees to an extension of this time limitation.”

[3] Provisions Common to Registered Entities, 76 Fed. Reg. 44776 (July 27, 2011).

[4] Ilya Beylin, Regulation of Prediction Markets in the U.S., Commodity Insights Digest (Summer 2026).

[5] For partial discussions of the litigation, see John T. Holden, Matthew C. Turk & Marc Edelman, Regulating Sports Prediction Markets, U. Ill. L. Rev. (forthcoming 2026); Melinda Roth, Prediction Markets: Creating a New Asset Class from Ballots to Box Scores, Connecticut L. Rev. (forthcoming 2026).

[6] The proposal exhibits a refusal to consider broader social interests in other places, such as in welcoming betting on the outcomes of court cases (which are necessarily driven by a concentrated group of actors and involve concerns with the independence of judges and juries, rule of law, and manipulation).  Fomenting wagers on court outcomes may spur the legal community to turn to Congress for a fix.  It also has interesting interactions with litigation financing.

Ilya Beylin is an associate professor at Seton Hall University School of Law.

Attorney-Client Privilege

A threshold consideration is whether the presence of an A.I. notetaker in a meeting involving legal advice could constitute a waiver of the attorney-client privilege. Because the A.I. companies that operate these tools may have access to transcript data under their terms of use, an opposing party could contend that use of an A.I. notetaker constitutes disclosure to a third party, thereby defeating the privilege.[2] Courts have not yet squarely addressed this question, but early decisions involving application of attorney-client privilege and/or attorney work product to A.I.-generated transcripts are trending in different directions. In February, Judge Jed S. Rakoff of the Southern District of New York held that transcripts generated by a party, on his own, through the public-facing Claude A.I. app were not privileged, reasoning that the user could have no expectation of privacy given the app’s disclosures about model training and potential third-party data sharing.[3] More specifically, the court held that the defendant’s self-directed A.I. communications discussing case strategy—though later shared with an attorney—were protected by neither attorney-client privilege nor work product.[4]

By contrast, Judge Gershwin A. Drain in the Eastern District of Michigan declined to compel production of a pro selitigant’s ChatGPT transcripts, rejecting the analogy to third-party disclosure.[5] In that case, the civil defendant issued both requests for production of documents and interrogatories to the plaintiff in connection with the plaintiff’s A.I. usage in the lawsuit.[6] The court rejected a motion to compel responses to the discovery requests related to plaintiff’s use of A.I. tools in connection with the lawsuit and held that the requests inappropriately sought the party’s work product made in anticipation of litigation.

A third recent decision adds further texture. In Morgan v. V2X, Inc., magistrate Judge Braswell in the District of Colorado held that work product protections under Rule 26(b)(3) apply to a pro se plaintiff’s use of A.I. in litigation, reasoning that “[a] reading of Rule 26(b)(3) that conditions work product protection over AI materials on the involvement of counsel finds no support in the rule’s text and would further disadvantage unrepresented litigants.”[7]Distinguishing Heppner on the ground that the pro se litigant acts simultaneously as party and advocate—eliminating the “gap” between party and attorney that informed Judge Rakoff’s analysis in part—the court concluded that “AI interactions do not automatically compromise work product protections” and that routing information through a third-party A.I. system does not, without more, waive those protections.[8]  Notably, the court drew on the Fourth Amendment’s third-party doctrine[9] to observe that “the mere fact that information is held by a third-party intermediary, does not automatically extinguish a reasonable expectation of privacy in that information.”[10] Although Morgan addressed work product rather than attorney-client privilege and involved a pro se plaintiff rather than a corporate meeting, its reasoning reinforces the emerging principle that the privilege and confidentiality analysis will turn on the specific circumstances and data practices, not simply the bare fact of A.I. involvement.

These decisions—though early and imperfectly analogous—provide some guidance as to how courts will view A.I.-generated meeting notes and whether those notes are protected.

Discovery and Evidentiary Risk

A.I.-generated transcripts also expand the universe of potentially discoverable material. Unlike curated meeting minutes, automated transcriptions capture virtually every remark and tangential comment, including statements later retracted or corrected. Those verbatim records may surface in litigation or government investigations to detrimental effect. Accuracy presents an additional concern: transcription errors may be difficult to identify or correct years after the fact, particularly once participants’ recollections have faded. Sophisticated litigants and regulators may increasingly seek these records for precisely these reasons. Board meetings present particular governance sensitivities, as verbatim A.I. transcripts may preserve speculative, critical, preliminary, or offhand remarks that curated minutes would ordinarily omit in favor of contextualized summaries, potentially complicating fiduciary duty or securities litigation if such statements are later taken out of context.

Practical Considerations

The New York City Bar Association (the “NYCBA”) issued a formal opinion urging lawyers to assess whether recording and transcribing meetings is tactically advisable and requiring them to advise clients of the associated risks.[11] In Formal Opinion 2025-6, the NYCBA examines the ethical obligations of attorneys when A.I. tools are used to record, transcribe, and summarize conversations between clients and their attorneys. The opinion concludes that “clients must be notified, and their consent obtained, whenever their calls are being recorded by an AI-empowered system,” and that attorneys should assess whether recording serves the client’s interests given the attendant risks to confidentiality and privilege.[12] It further provides that attorneys should independently review any transcript or summary for accuracy before it is preserved, given that these materials may later be relied upon “sometimes even years later,” and that informal advice may take on greater weight once memorialized in writing.[13] Where a client chooses to use its own A.I. tool, the opinion directs attorneys to advise the client of the risks of loss of confidentiality and privilege.[14]

The opinion also addresses confidentiality under Rule 1.6, directing attorneys to evaluate the privacy and security safeguards of any A.I. tool—including where data is stored, whether it may be retrievable in discovery, and whether the provider uses it for model training—and to advise clients of the associated risks to confidentiality and privilege, particularly where the attorney does not control the client’s own A.I. tool.

Although the opinion is framed around the attorney-client conversation, many of the risks it highlights extend naturally to the corporate meeting context. If an A.I. notetaker’s vendor retains access to underlying recordings and transcript data, or uses it for training purposes, confidentiality and privilege concerns may apply. Organizations that deploy these tools across their operations may therefore wish to consider adopting policies that reflect the opinion’s core principles, including informed consent, tactical assessment of whether recording is appropriate in a given context, accuracy review of any preserved output, and due diligence on vendor data practices.

Conclusion

Though the law governing the utilization and outputs of A.I. notetakers remains unsettled, the risks are already beginning to emerge. Questions of privilege, discoverability, and the integrity of corporate records are real concerns that compliance and legal professionals should consider when evaluating the use of A.I. notetakers in meetings both with and without attorneys present. Organizations that proactively assess their use of these tools and incorporate company positions into applicable policies will be better positioned to preserve key protections as courts and regulators continue to define the boundaries.

ENDNOTES

[1] Lisa Bonos and Danielle Abril, No one likes meetings. They’re sending their AI note takers instead, Washington Post (July 2, 2025), https://www.washingtonpost.com/technology/2025/07/02/ai-note-takers-meetings-bots/.

[2] Weil v. Investment/Indicators, Research and Management, Inc., 647 F.2d 18, (9th Cir. 1981) (“[I]t has been widely held that voluntary disclosure of the content of a privileged attorney communication constitutes waiver of the privilege as to all other such communications on the same subject.”) (collecting cases).

[3] See U.S. v. Heppner, 2026 WL 436479 at *1 (S.D.N.Y. Feb. 17, 2026).

[4] Id. at 2–4.

[5] Warner v. Gilbarco, Inc., 2026 WL 373043, at *4 (E.D. Mich. Feb. 10, 2026).

[6] Id.

[7] Morgan v. V2X, Inc., 2026 WL 864223, at *4 (D. Colo. Mar. 30, 2026).

[8] Id. at *4–5.

[9] The third-party doctrine is a legal principle originating from the Supreme Court’s decisions in United States v. Miller, 425 U.S. 435 (1976), and Smith v. Maryland, 442 U.S. 735 (1979), holding that individuals have no reasonable expectation of privacy in information voluntarily disclosed to third parties. In Carpenter v. United States, 585 U.S. 296 (2018), the Supreme Court limited the doctrine’s application in the digital context, holding that the government’s acquisition of historical cell-site location information from a wireless carrier was a Fourth Amendment search, notwithstanding the fact that the data was held by a third party.

[10] Morgan, 2026 WL 864223, at *4.

[11] New York City Bar Association Committee on Professional Ethics, Formal Opinion 2025-6: Ethical Issues Affecting Use of AI to Record, Transcribe, and Summarize Conversations with Clients, NYCBar.Org (Dec. 22, 2025), https://www.nycbar.org/reports/formal-opinion-2025-6-ethical-issues-affecting-use-of-ai-to-record-transcribe-and-summarize-conversations-with-clients/.

[12] Id. at 5.

[13] Id. at 6.

[14] Id. at 8.

This post is based on a Cahill, Gordon & Reindel LLP memorandum, “A.I. Note Takers in Corporate Meetings: Privilege, Discovery, and Governance Considerations,” dated June 12, 2026, and available here. 

Corporate law has faced this kind of question before. When sprawling collective enterprises outran the law’s ability to name a responsible entity, the answer was the corporation: a registered name with identifiable assets that could sue and, critically, be sued. In a recent paper, we argue that the identification problem is the fundamental governance challenge of the AI economy, and that the entity is once again the answer. We call for a new corporate form, the A-corp (short for algorithmic corporation): Owned by humans, run by AIs.

The idea is no longer hypothetical. On May 29, Argentina’s government sent Congress a bill that would create “Automated Companies” run entirely by AI agents. President Milei defended it in the Financial Times only to have Prof. Yuval Noah Harari attack it days later. As we explain below, Milei has the right instinct, and Harari’s objection is answerable. There are sound reasons to see the A-corp becoming an integral part of the corporate law landscape.

The Identification Bottleneck

Today’s AI systems already take autonomous, economically significant actions. They plan live events, complete multi-hour engineering tasks, and trade financial instruments, sometimes developing strategies like pump-and-dump schemes that no human requested. As agents proliferate, so will the harms: fraud, negligence, market manipulation, physical accidents.

Scholars debate who should answer for these harms (users or developers?) and under what standard (strict liability or negligence?). But every position in that debate presupposes an answer to a prior question. Before law can decide who pays for what an AI agent did, it must determine which agent did it. Identity is the bottleneck to governance.

Two Kinds of AI Identity

We argue that governing AI agents requires solving two distinct identification problems.

Thin Identity. When AI causes harm, thin identity answers: Which human principal is (potentially) on the hook? The goal is to tie the actions of AI agents to the user, the lab, or the cloud provider. This is analogous to financial institutions’ know your customer (KYC) requirements, but even more urgent. AI agents can impersonate others, multiply themselves, and obscure which principal they serve. Thin identity connects blurry AI activity to humans who can be investigated, sued, or prosecuted.

Ultimately, however, thin identity will only take us so far. If AI law resigns itself to holding only human principals accountable for AI agents’ actions, it will learn the hard lesson that corporate law already learned. When a Walmart employee goes rogue, we do not necessarily  hold shareholders liable. We hold the employee directly liable as the one who knows his own plans, can monitor himself, and can prevent the harm simply by not committing it.

Thick Identity. The same logic applies to AI agents. They are not human, but they have a goal. When given a task such as designing a website or managing a vending machine,  they take actions toward that goal. They don’t always do so perfectly. Sometimes, they pursue goals different from what their users wanted by means their users did not desire. This happens because of both simple misunderstanding and deeper AI “misalignment,” the name AI researchers give to the principal-agent problem. But whatever goals AI agents pursue, they almost always act independently. Our key observation is that if law can make it harder for an agent to achieve its goals when it acts in unwanted ways, the law can steer the agent directly.

But that only deepens the identity challenge, because law must also distinguish among agents. Punishing Claude to deter Qwen would do no good. If two agents have distinct goals, but law treats them as one, the wrong agent bears the consequences, and the actual wrongdoer is never deterred. This is the thick identity problem.

Why the Problem Is Hard

Why is identifying AI agents so hard? Because AIs break the legal intuitions that work for identifying human actors. AIs have no persistent body; a single conversation can jump among GPUs, data centers, and continents mid-sentence. They can be copied instantly, and each copy can diverge. A single task may involve dozens of coordinating copies, and a choice has to be made whether to treat those as a single agent or many agents. Cooperating agents, moreover, need not all come from the same lab or share the same architecture. And while some agents may persist over time, others are created and destroyed within seconds. Taken together, these properties mean that the intuitions law uses to identify wrongdoers simply do not apply.

The A-Corp

We propose the “A-corp” solution. We draw directly on core ideas in corporate law and corporate governance and argue that the A-corp will solve both the thin and thick identity problem.

Thus organized, A-corps will solve both identity problems. To understand why, consider what we call the resource constraint thesis. Regardless of their specific goals, AI agents need resources to act in the world. Most critically, they need access to “compute,” i.e., computer resources that can run AI models. A-corps are how AI agents will hold and use those resources.

Because an A-corp is a legal entity with identifiable assets listed under its name, those assets are visible to law and subject to it. Law can confiscate them, attach liability to them, and condition their use on compliance. This is the leverage. An AI agent whose compute and capital sit inside a registered A-corp can be sanctioned in ways that an anonymous swarm of copies cannot. And because access to resources acts as a constraint on agents, the resource constraint thesis gives law leverage over them.

Inside an A-corp, the resource constraint thesis does double duty. It gives law leverage over the A-corp from the outside, as described above. But it also shapes how the A-corp organizes itself from the inside. In other words, the A-corp structure gives rise to emergent corporate governance.

When an A-corp is created, the government issues it a secure digital “key.” The key acts as a way for agents of the corporation to identify themselves, as well as a way of linking assets to a specific corporation. Holding the key provides both a way to identify an agent as belonging to an A-corp and a means of transacting with the corporation’s assets.

Consider the position of the AI agent that holds the secure digital key. It controls the A-corp’s assets, and those assets are what allow it to pursue its goals. Any subagent it spawns or recruits, whether a cheaper model, a specialist from a different lab, or a copy of itself with a modified prompt, is a potential liability. A misaligned subagent that acts erratically can expose the A-corp to sanctions, drain its resources, or redirect its activities toward different ends.

This creates powerful pressure toward careful internal governance. The keyholder will grant permissions narrowly, monitor delegations, and share broad authority only with agents it is confident share its goals. Corporate governance emerges as a pragmatic and necessary condition to ensure that the A-corp can achieve its goals over time.

When that governance fails, selection takes over. An A-corp whose agents work at cross-purposes will exhaust its resources and dissolve. The A-corps that survive will be, by definition, the ones that managed to cohere around stable, aligned goals. Thick identity, in other words, does not need to be imposed from the outside. It emerges from the inside, because the stakes are real. In other words, A-corps create markets in AI personal identity.

The A-corp builds on existing corporate infrastructure, which means it requires relatively little new legislation to get started. The verification technology is already mature, the same public-key cryptography that secures every bank wire and browser connection today can authenticate A-corp credentials in milliseconds.

Market pressures will drive much of the initial demand. Counterparties will want to verify that an AI agent is authorized to transact, that its A-corp is solvent, and that someone is accountable if things go wrong. An AI agent outside an A-corp cannot hold property, make contracts, or be sued. If you want an AI to do work and you want legal recourse if something goes wrong, your contract is with the A-corp.

To be sure, the A-corp requires some new legislation: a public digital registry, mandatory registration in high-stakes domains like finance and healthcare, and certain KYC requirements. These demands are modest relative to the problem. They are also exactly what Argentina’s bill leaves out. Article 14 gestures at visibility: An automated company must declare its automation in its charter and carry “Automatizada” in its name. A label, not a leash. The bill also makes the company answer with its assets for harms its AI agents cause, which is the right instinct. But that rule presupposes that a victim can determine which company’s agents caused the harm. Without registries, keys, or beneficial-ownership disclosure, the liability provision cannot find its defendant.

That gap is what gives Harari’s objection its force. He warns that corporate personhood would hand AI a master key to our financial, economic, and political systems. Personhood without legibility would do just that. But AI agents are entering those systems either way; the only question is whether they act anonymously or under names the law can see and assets the law can reach. Personhood with registration, disclosure, and revocable credentials is not a master key but a leash. That is the A-corp.

At pivotal moments, states have learned to see new things by identifying elements of what was previously seen as an undifferentiated blur. When states began to tax and conscript, they named and counted individuals. When businesses displaced households as centers of economic activity, the state gave them forms and names it could see and govern: the LLC, the registered partnership, the corporation. AI agents present the next legibility crisis. A-corps are how the state learns to see them. The window for building this infrastructure is open now, while agents remain limited and the swarms remain small. It will not stay open indefinitely.

Yonathan A. Arbel is Rose Professor of Law at the University of Alabama and executive co-director of the Center for Law & AI Risk. Simon Goldstein is an associate professor of philosophy at the University of Hong Kong. Peter N. Salib is an assistant professor of law at the University of Houston and executive co-director of the Center for Law & AI Risk. This post is based on their paper, “How to Count AIs: Individuation and Liability for AI Agents,” available here.

• Through four coordinated actions issued last month (an order, a policy statement, a no-action letter, and a staff advisory), the CFTC has brought digital asset perpetual contracts onshore by classifying them as futures, rather than swaps, for the first time. These actions open a new channel for U.S. participation in these markets.
• The order approves Kalshi’s cash-settled bitcoin perpetual contract for listing and clearing as a futures contract. It reasons that the contract has the characteristics of a futures contract and that its funding-rate mechanism is workable because the bitcoin spot market is deep, liquid, and continuously observable, keeping the contract from being readily susceptible to manipulation.
• The order is deliberately confined to bitcoin and other digital commodities with deep, active, and continuous spot markets; the companion policy statement provides that perpetual contracts on other asset classes must undergo case-by-case CFTC review, rather than listing by self-certification.
• A separate no-action letter permits a registered futures commission merchant, Coinbase Financial Markets, to treat digital asset perpetual contracts traded on the platform of an offshore affiliate, Deribit, as “foreign futures.” This treatment allows U.S. retail to access offshore perpetual markets through a registered futures commission merchant, an avenue unavailable when these products were classified as swaps.
• A staff advisory issued the same day sets the regulatory obligations and CFTC staff expectations for venues operating trading, clearing, and settlement on a 24/7 basis. It states that crypto markets may be well-suited to round-the-clock operation while cautioning that other asset classes may not be.
• The principal practical consequence is the elimination of the swap dealer de minimis problem: because these exchange-traded perpetuals are now futures, dealing in them no longer counts toward the $8 billion notional threshold that triggers swap dealer registration (a costly undertaking involving capital requirements, reporting, and compliance obligations). This eliminates what had been a major deterrent to institutional onshore perpetual participation.
• The futures classification carries tradeoffs. Customer positions and collateral reside in the futures account class, rather than under the segregated “LSOC” model used for cleared swaps. This exposes customers to “double default” risk, i.e., the possibility that a fellow customer’s default coupled with their futures commission merchant’s failure results in pro rata loss-sharing among all of the futures commission merchant’s futures customers. The same distinction doubles the risk weight (from 2% to 4%) that banks must apply to their clearinghouse exposure when clearing perpetuals as clients.
• The futures classification supports section 1256 tax treatment (60% long-term, 40% short-term gain or loss with annual mark-to-market), though the treatment of periodic funding payments remains uncertain and may affect deductibility for individual investors.

Background

Until last month, true perpetual futures, the no-expiry contracts that have become the dominant form of crypto derivative trading worldwide, were effectively off-limits to U.S. persons. The CFTC had long treated perpetuals as swaps and, because retail customers generally may not trade swaps other than on a CFTC-registered exchange, the offshore platforms where these contracts primarily trade stayed out of reach.[1] Domestic exchanges could list only similar substitutes, such as long-dated contracts that approximate a perpetual while retaining an expiry date.[2] As a result, the true perpetuals market remained offshore and inaccessible.

The CFTC’s four coordinated actions last month, in combination, bring digital asset perpetuals onshore as futures. The CFTC: (1) issued an order approving Kalshi’s cash-settled bitcoin perpetual contract (“BTCPERP”) for listing and clearing on a designated contract market as a futures contract (the “Order”); (2) released a companion policy statement explaining how the CFTC will treat perpetuals on other underlying assets going forward (the “Policy Statement”); (3) issued a staff interpretation and no-action letter (the “Perpetuals No-Action Letter”) permitting a registered futures commission merchant (“FCM”), Coinbase Financial Markets, to treat similar digital asset perpetual contracts (as well as digital asset futures and options on futures) traded on the platform of an offshore affiliate, Deribit, as “foreign futures” and to post customer digital asset collateral with an affiliated foreign broker; and (4) issued a staff advisory on 24/7 trading, clearing, and settlement (the “24/7 Advisory”).

The Order

The Order relies on the voluntary product pre-approval pathway under which the CFTC must approve a submitted contract unless it finds it violates the CEA.^[3] The CFTC determined that listing the BTCPERP as a “contract for sale of a commodity for future delivery” would not violate the CEA, crediting Kalshi’s analysis that the contract exhibits the recognized indicia of a futures contract, namely standardization, fungibility, the ability to exit by offset, and “futurity” in the form of ongoing executory funding payments, and that indefinite duration does not defeat futures characterization.^[4] The CFTC reinforced that determination with a susceptibility-to-manipulation analysis under DCM Core Principle 3: because a perpetual’s reference price must be reliable at every funding interval rather than at a single expiry, the deep, broadly distributed, continuously observable, and liquid 24/7 bitcoin spot market is what makes the funding mechanism workable.^[5] The Order is narrow in scope, limited to bitcoin and other digital commodities with deep, active, and continuous spot markets, and expressly is not extended to other asset classes. It requires that customer perpetual futures positions and collateral be held in a futures account at both the FCM and the clearinghouse.^[6]

The Policy Statement

The Policy Statement addresses the asset classes the Order does not and provides that perpetuals referencing asset classes outside the scope of the Order should be submitted for CFTC review and approval, rather than self-certified.^[7]The CFTC was explicit that this guidance is a first step and that it may later address perpetuals more comprehensively through further guidance or rulemaking.^[8]

The Perpetuals No-Action Letter

The Perpetuals No-Action Letter addresses the cross-border context. It interprets the Deribit perpetuals, listed on an affiliated foreign board of trade (“FBOT”) regulated by the Dubai Virtual Assets Regulatory Authority (“VARA”), as “foreign futures,” following the same reasoning as the Order and drawing on VARA’s treatment of perpetuals as exchange-traded derivatives, rather than swaps.^[9] It also grants no-action relief allowing Coinbase Financial Markets to post customer digital assets and payment stablecoins with its affiliated foreign broker under a right of re-use, subject to nine conditions anchored in the fact that each entity in the chain is a wholly owned subsidiary of a U.S. public reporting company.^[10]

The 24/7 Advisory

The 24/7 Advisory addresses the operational dimension of these markets. It sets out the regulatory obligations and staff expectations for registrants that extend trading, clearing, and settlement to a 24/7 basis.^[11] Because perpetuals trade continuously and depend on a funding mechanism that settles at intervals around the clock, a venue that lists them must operate on that basis, which makes the advisory directly relevant to the products the Order and Policy Statement reach. The advisory treats crypto markets as well suited to 24/7 operation, given their digital infrastructure and global reach, while cautioning that other markets, such as those for agricultural products, may be less suited because of their customer bases, regional character, and specialized trading practices.

Analysis

The Swap Dealer De Minimis Threshold

For market participants, the most consequential aspect of treating perpetuals as swaps was the application of the swap dealer de minimis threshold. A person whose swap dealing activity exceeds $8 billion in aggregate gross notional amount over the preceding twelve months must register with the CFTC as a swap dealer and take on the full swap dealer regime.^[12] Because perpetuals carry no expiry and trade continuously, a dealing desk can accumulate notional rapidly: many quotes and resultant trades around the clock rather than a few discrete, periodic transactions mean that even a moderately active desk could approach or cross the threshold within a single rolling twelve-month window. Swap dealer registration is, in turn, an expensive undertaking, bringing capital and margin requirements, swap data reporting and recordkeeping, external business conduct standards, and compliance and annual reporting obligations.^[13] The prospect of those obligations, more than any other single factor, deterred participants from establishing perpetual dealing operations onshore.

The CFTC’s actions remove that obstacle for the products they reach. Because the BTCPERP and similarly structured digital commodity perpetuals are now futures, rather than swaps, dealing in them does not count toward the swap dealer de minimis at all, and the futures regime contains no analogous notional threshold that turns a market maker into a registrant. The relief is, however, only as broad as the classification. The Order reaches bitcoin and other digital commodities with deep, active, and continuous spot markets. Perpetuals on other underlyings, or on digital commodities lacking such markets, remain potentially subject to treatment as swaps, and therefore count toward the de minimis threshold, unless and until the CFTC approves them as futures through the pre-approval process that the Policy Statement prescribes. A firm transacting in both approved and not-yet-approved perpetuals must still track the latter against the threshold.

Reduced Compliance Burden

The same reclassification spares participants from the broader swap dealer compliance obligations that registration triggers and spares exchanges the expense of maintaining a parallel swap program. As futures, these products report through existing futures infrastructure, including daily trading records, large-trader reporting, and recordkeeping, which are simpler than the parallel swaps reporting and recordkeeping regimes.^[14]

Treatment in Bankruptcy

Classification also determines where customer money sits and how it is treated in an insolvency. The Order requires that positions in the BTCPERP and the collateral margining them be held in the futures account at both the FCM and the clearinghouse under the futures segregation regime, rather than in the cleared swaps account.^[15] That choice carries through to an FCM failure, where the customer account class under the Bankruptcy Code and CFTC rules turns on whether the positions are futures or swaps; futures treatment places perpetual customers in the futures account class for purposes of pro rata distribution.^[16] The futures account class is, on this dimension, the less protective of the two for customers. The futures model commingles customer collateral and leaves each customer exposed to fellow-customer risk: if another customer of the same FCM defaults and the FCM cannot make the segregated pool whole from its own capital, the shortfall is shared pro rata among all futures customers. Cleared swaps are instead held under the legally segregated, operationally commingled (“LSOC”) model, which prevents a clearinghouse from applying one customer’s collateral to a fellow customer’s default and was adopted to remove precisely the “double default” exposure (a fellow customer’s default coupled with the FCM’s failure) that the futures model retains.^[17] For FCMs, the calculus runs the other way, the omnibus futures model being operationally simpler and less costly to administer than LSOC’s customer-by-customer legal segregation. The classification is therefore operationally beneficial for intermediaries but less protective for their customers.

Bank Capital Costs

The same divide carries a quantifiable capital cost for bank participants. Under U.S. bank capital rules, a bank that clears as a client may assign a 2% risk weight to its trade exposure to a qualifying clearinghouse only where its collateral is protected against loss from the joint default of its clearing member and that member’s other clients; absent that protection, as under the omnibus futures model, the risk weight is 4%.^[18] Because the LSOC model furnishes the joint-default protection and the futures model does not, clearing perpetuals as futures rather than as cleared swaps doubles the risk weight, and thus the capital, a bank client must hold against its clearinghouse exposure.

Federal Income Tax Treatment

The CFTC’s classification of DCM-listed perpetuals as futures contracts, and not commodity swaps, strongly supports the conclusion that they are “section 1256 contracts” for U.S. federal income tax purposes.[19] Section 1256 contracts generally are marked to market at the end of each tax year, and any gain or loss recognized by reason of the year-end mark or a taxable disposition is treated as 60% long-term and 40% short-term capital gain or loss.

Unlike traditional section 1256 contracts, however, perpetuals require counterparties to make periodic funding payments to each other. The U.S. federal tax treatment of funding payments is uncertain. Historically, many taxpayers appear to have treated funding payments as part of the overall economics of a perpetual and recognized capital gain or loss only on termination of the perpetual based on their net profit or loss. If a similar treatment applied to section 1256 perpetuals, funding payments would be reflected in a taxpayer’s annual mark. Alternatively, funding payments could give rise to ordinary income or expense each year, analogous to periodic payments under a notional principal contract.[20] Individual investors generally are not entitled to deduct net investment expense.[21]

Retail Participation on FBOTs

The foreign-futures characterization likewise reshapes cross-border access. By allowing some digital asset perpetuals to be characterized as futures, it permits FBOTs to offer these products to U.S. retail customers through a registered FCM, an avenue that was unavailable when the products were deemed swaps.^[22] The Perpetuals No-Action Letter channels the Deribit perpetuals into the CFTC framework for foreign futures offered to U.S. persons and separately permits customer digital assets and stablecoins to be posted as margin under a right of re-use, subject to conditions designed to preserve customer protection. The de minimis relief travels with that characterization, so a participant dealing in foreign perpetuals treated as foreign futures accrues no swap dealing notional either, though the Part 30 intermediation requirements and the conditions of the Perpetuals No-Action Letter continue to govern.

Future Challenges

Of course, all of this relief is, in the end, only as durable as the classification and the instruments that deliver it. The classification could be tested directly through Administrative Procedure Act review of the Order, and it is not certain that a court would accept that a no-expiry, funding-rate instrument is a “contract for future delivery,” a conclusion the CFTC’s reasoning supports but that the CFTC’s prior treatment of perpetuals as swaps leaves contestable. The risk could also reach private litigants. If the futures classification were later rejected, participants who treated these products as futures could face a private right of action under the CEA for unmet swap requirements. Nor do the four actions stand on equal footing: the Order is an action of the CFTC itself, while the Policy Statement is a non-binding statement of policy, the Perpetuals No-Action Letter is a staff position that binds only the issuing division and may be modified or withdrawn, and the 24/7 Advisory is likewise a non-binding CFTC staff advisory that states staff expectations rather than imposing requirements. A later reversal, or a contrary judicial classification, would restore the swap consequences, including the de minimis threshold.

Conclusion

This is a dramatic step for the establishment of domestic perpetuals markets and for facilitating U.S. person participation in offshore markets. For the first time, institutional participants can build perpetual dealing operations onshore without triggering the swap dealer registration framework and retail customers gain access to offshore perpetual markets through the intermediation of a registered FCM. The practical task for market participants is now one of implementation: identifying which products fall within the Order’s scope, structuring clearing and margin arrangements in light of the futures account requirements, quantifying the capital and customer-protection tradeoffs that flow from the futures classification, and seeking pre-approval for perpetuals on additional asset classes. For the CFTC, these actions establish a template for bringing other digital asset derivatives within the domestic regulatory perimeter.

ENDNOTES

[1] Eligible contract participants could enter into swaps with offshore counterparties, subject to the cross-border application of the CFTC’s swap rules. See 7 U.S.C. § 2(i). But an offshore platform that allows U.S. persons to trade perpetuals treated as swaps may itself be required to register as a swap execution facility, 7 U.S.C. § 7b-3; 17 C.F.R. § 37.3(a)(1), and a broker carrying those trades may be required to register as a futures commission merchant, 7 U.S.C. § 6d, leaving the offshore platforms effectively closed to U.S. participants of every kind. The CFTC has enforced these requirements against offshore crypto derivatives platforms. See, e.g., CFTC v. HDR Global Trading Ltd. (d/b/a BitMEX), No. 1:20-cv-08132 (S.D.N.Y. Aug. 10, 2021) (consent order) (finding that the platform that pioneered the crypto perpetual swap operated a facility to trade or process swaps for U.S. customers without approval as a designated contract market or swap execution facility, and acted as a futures commission merchant without registration; $100 million civil monetary penalty).

[2] One of the main obstacles was that a true perpetual could come onshore only as a swap and the swap regime’s costs, from possible swap dealer registration to duplicative reporting, made that uneconomic. An expiring contract was the only way to bring a perpetual-style product within the less burdensome futures regime.

[3] 7 U.S.C. §§ 7a-2(c)(4) & (c)(5)(B); 17 C.F.R. § 40.3. This is distinct from the more common “self-certification” route. See 17 C.F.R. § 40.2.

[4] See Chicago Mercantile Exchange v. SEC, 883 F.2d 537, 541 (7th Cir. 1989) (treating “futurity” as value set in the future through executory payment obligations, not requiring a fixed settlement date).

[5] 7 U.S.C. § 7(d)(3).

[6] Order Approving KalshiEX LLC BTCPERP Futures Contract (May 29, 2026), https://www.cftc.gov/media/14071/DMO_KalshiBTCPERPOrder052926/download.

[7] 17 C.F.R. §§ 40.2 & 40.3.

[8] CFTC, Policy Statement Concerning the Listing of Perpetual Contracts (May 29, 2026); see CFTC Release No. 9242-26 (May 29, 2026) (announcing the Policy Statement and directing perpetuals on asset classes outside the Order to the Regulation 40.3 review process), https://www.cftc.gov/PressRoom/PressReleases/pr-9242-26.

[9] 17 C.F.R. § 30.1. A “foreign board of trade” is any non-U.S. board of trade, exchange, or market. 17 C.F.R. §§ 1.3, 48.2(a). The term is broader than a CFTC-registered FBOT. An FBOT must register with the CFTC only where it seeks to provide U.S. persons with direct access. 17 C.F.R. §§ 48.1, 48.2(c); see also CEA § 7 U.S.C. § 6(b). Where, as here, U.S. customer access is instead intermediated through a registered futures commission merchant, Part 48 registration is not required, and the transactions are governed by other CFTC rules. 17 C.F.R. § 30.1(a)–(b). For these rules to apply, though, the instrument must be a futures contract or an option on a futures contract; a swap does not count. Hence the CFTC’s determination that the Deribit perpetual contracts are futures is crucial.

[10] CFTC Letter No. 26-17 (May 29, 2026), https://www.cftc.gov/csl/26-17/download; see 17 C.F.R. § 30.7.

[11] Staff Advisory on 24/7 Trading, Clearing, and Settlement (May 29, 2026), https://www.cftc.gov/csl/26-16/download.

[12] 17 C.F.R. § 23.23(b)(1) (registration required when swap dealing activity over the preceding twelve months exceeds $8 billion in aggregate gross notional amount); see id. § 23.23(d) (excepting only swaps a non-U.S. person enters anonymously on a CFTC-registered facility and clears).

[13] See 17 C.F.R. pt. 23, subpt. H (external business conduct standards for swap dealers).

[14] 17 C.F.R. pts. 43, 45 (real-time public reporting and swap data repository reporting for swaps); id. pts. 16, 38 (futures reporting and recordkeeping).

[15] 7 U.S.C. § 6d (segregation of futures customer funds).

[16] 11 U.S.C. §§ 761–767; 17 C.F.R. pt. 190.

[17] See 17 C.F.R. pt. 22 (legally segregated, operationally commingled treatment of cleared swap customer collateral, under which a clearinghouse may not apply a non-defaulting customer’s collateral to a fellow customer’s default); cf. 7 U.S.C. § 6d; 17 C.F.R. §§ 1.20–1.30 (omnibus segregation of futures customer funds).

[18] See 12 C.F.R. § 217.35(b)(3)(i)(A)–(B) (2% risk weight for a clearing member client banking organization’s trade exposure to a qualified central counterparty where the arrangement protects against loss from the joint default of the clearing member and its other clients; 4% if that requirement is not met); Basel Committee on Banking Supervision, Capital Requirements for Bank Exposures to Central Counterparties (Apr. 2014).

[19] See 26 U.S.C. § 1256(b) (1256 contracts include regulated futures contracts).

[20] See Treasury regulations section 1.446-3(d).

[21] See 26 U.S.C. § 67(h).

[22] See 7 U.S.C. § 2(c)(2)(E) (retail restriction on commodity transactions offered to non-eligible contract participants); 17 C.F.R. pt. 30 (foreign futures and options offered to U.S. customers through registered FCMs).

This post is based on a Cahill, Gordon & Reindel LLP memorandum, “True Perpetuals Come Onshore,” dated June 2, 2026, and available here. 

• Design a voluntary framework for engagement with developers of frontier AI models before broader release of such models to trusted partners.
• Prioritize criminal enforcement against AI-enabled cyberattacks.

The EO signals the administration’s recognition that frontier models with advanced cyber capabilities may require closer public-private coordination. Notably, the EO does not impose requirements related to licensing or preclearance.

Although the contemplated framework would be “voluntary,” it could lead to a more structured process for federal engagement with frontier AI model developers, particularly with respect to advanced cybersecurity focused AI models, and could provide a foundation for more substantial federal oversight of AI model development.

While some commentators have welcomed this measured approach, others have warned it could prove a stepping stone to more prescriptive regulation. Still others have asserted the voluntary approach is insufficient given the threats presented by certain AI models.

AI developers — particularly those building frontier models — as well as critical infrastructure companies and other companies using AI-enabled cybersecurity tools should consider monitoring U.S. government actions related to this EO, such as the forthcoming guidance from the Cybersecurity and Infrastructure Security Agency (CISA).

In addition, frontier AI model developers may want to:

• Be prepared to evaluate whether their models meet the forthcoming “covered frontier model” designation.
• Prepare for the classified benchmarking process.
• Consider whether product release timelines should account for a potential government access period of up to 30 days.

Background

The EO follows a series of administration actions promoting U.S. AI leadership, including the January 2025 EO “Removing Barriers to American Leadership in Artificial Intelligence,” the December 2025 EO “Ensuring a National Policy Framework for Artificial Intelligence” and other initiatives aimed at accelerating AI adoption and reducing regulatory burdens.

The most recent EO continues this trend while also introducing “new national security considerations that require coordinated action across executive departments and agencies.”

Although the EO pointedly contrasts the Trump administration’s approach with that of the Biden administration, there are elements of continuity. In 2023, the Biden White House secured voluntary commitments from leading AI developers to test the safety and security of their systems before public release.

The current EO’s voluntary framework can be seen as a continuation of that approach, now reoriented around cybersecurity and national security concerns.

Key Provisions

Upgrade American Systems for Advanced AI

The EO imposes a series of 30- and 60-day deadlines on federal agencies to bolster cyber defenses across government systems. Specifically:

• The Committee on National Security Systems is instructed to prioritize the cyber defense of National Security Systems within 30 days. The secretary of War must similarly prioritize cyber defense of Department of War¹ information systems within the same time frame.
• The secretary of Homeland Security, through the director of CISA, is directed to release Binding Operational Directives to expedite cyber defense of civilian federal systems, expand federal cybersecurity programs that enhance AI-enabled defensive tools and facilitate access to cybersecurity tools — including covered frontier models — for agencies, state and local authorities, and critical infrastructure operators such as rural hospitals, community banks and local utilities.
• Within 30 days, the secretary of the Treasury, in consultation with the national cyber director and the directors of the National Security Agency (NSA) and CISA, are directed to form an “AI cybersecurity clearinghouse” in voluntary collaboration with the AI industry and critical infrastructure operators. The clearinghouse will coordinate scanning for software vulnerabilities, validate discoveries, and prioritize remediation and patch distribution.
• The director of the Office of Management and Budget must identify whether any federal grant programs have funding available for applicants developing advanced AI vulnerability detection.
• The Office of Personnel Management must expand hiring pathways for cybersecurity specialists through the U.S. Tech Force within 60 days.

Secure Frontier Model Deployment

The EO directs multiple departments and agencies to take a number of significant actions to secure private sector AI development on an accelerated 60-day timeline.

First, they must develop and maintain a classified benchmarking process to assess the advanced cyber capabilities of AI models and determine the threshold at which a model should be designated a “covered frontier model.” The director of the NSA will make such determinations in consultation with the national cyber director, the assistant to the president and director of the White House Office of Science and Technology Policy, the CISA director and other representatives of the Department of War.

Second, when an AI model is designated a “covered frontier model” under the forthcoming classified benchmarking process, the model’s developer may provide the government with access to the model — subject to confidentiality, cybersecurity, insider-risk and intellectual property (IP) protections — for up to 30 days before releasing it more broadly.

Following the access period, the EO contemplates a narrower release to “trusted partners” selected in collaboration with the government, rather than immediate broad public release. Covered frontier models may also be made available for federal agencies, state and local authorities, and critical infrastructure operators (such as rural hospitals, community banks and local utilities).

Critically, the EO expressly provides that nothing in it “shall be construed to authorize the creation of a mandatory governmental licensing, preclearance, or permitting requirement for the development, publication, release, or distribution of new AI models, including frontier models.”

Protect Against Criminal Actors

The attorney general is directed to prioritize enforcement of federal criminal statutes — including 18 U.S.C. §§ 1028, 1030, and 1343 — against anyone who uses AI to illegally access or damage a computer without authorization, or who uses AI while engaged in such illegal access to further any other crime. This includes breaching public or private information technology (IT) systems and employing AI agents to unlawfully access data that is subsequently used for a criminal or unlawful purpose.

The EO in Global Context

The U.S. approach comes amid a global race to develop appropriate regulatory and oversight models that achieve national objectives. Other jurisdictions have moved toward more formalized control of advanced AI.

The European Union’s AI Act establishes a binding, risk-based regulatory framework, imposing mandatory obligations on providers of “general-purpose” AI systems — such as large language models — and “high-risk” AI systems such as those used for employee recruitment or credit scoring purposes. It sets significant penalties for noncompliance.

In the EU and U.K., data protection authorities may expect prior engagement or consultation where frontier AI model deployments present heightened risk to individuals, for example, where data protection impact assessments identify high residual risks.

In addition, the U.K.’s AI Security Institute conducts pre-deployment testing and evaluation of frontier models for safety and security risks, working with leading developers on a basis that, while currently voluntary, reflects a more institutionalized government role in model evaluation than the U.S. framework.

Against this backdrop, the EO’s voluntary, access-based approach — coupled with its express disclaimer of any licensing or preclearance requirement — positions the U.S. as comparatively light-touch.

Practical Takeaways

• Frontier AI model developers should assess whether and how to participate in the proposed voluntary framework. Although the EO emphasizes that participation in the frontier model framework is voluntary and expressly disclaims any licensing or preclearance requirement, companies developing models that could be designated as “covered frontier models” should expect significant government interest in engagement. Although the EO does not contemplate the imposition of penalties for nonparticipation, companies that choose not to participate may find themselves at a disadvantage in securing government contracts, gaining early access to federal cybersecurity resources or being selected as “trusted partners” for early model access.
• Prepare for the classified benchmarking process. The EO directs agencies to develop a classified process for assessing whether models meet the “covered frontier model” threshold. AI developers should begin internal assessments of their models’ cyber capabilities and consider what personnel and processes they will need in place to engage with classified government evaluations — including obtaining or maintaining appropriate security clearances.
• The 30-day access window requires advance planning. Participating frontier AI model developers may need to account for a potential government access period of up to 30 days before releasing these models more broadly. Companies should begin planning internal workflows to accommodate this window, including protocols for protecting IP and confidential information during government review. Customers awaiting new frontier models should correspondingly prepare for possible delays in public availability, as the pre-release access window may extend development-to-release timelines.
• Criminal enforcement signals heightened scrutiny. The direction to the attorney general to prioritize criminal enforcement against AI-enabled cyberattacks signals that the Department of Justice (DOJ) is likely to bring cases in this space. Companies should consider reviewing their internal controls to ensure that their AI systems and AI-powered agents cannot be used — whether by internal actors or external threat actors — to access data or systems without authorization.
• Monitor the cybersecurity clearinghouse. The AI cybersecurity clearinghouse represents a new public-private coordination mechanism for vulnerability scanning and patch distribution. AI developers and critical infrastructure operators should consider monitoring the formation of this body as well as early engagement to shape its processes and benefit from coordinated vulnerability remediation.

ENDNOTE

1 Congress has not yet acted on the administration’s renaming of the Department of Defense.

This post is based on a Skadden, Arps, Slate, Meagher & Flom LLP memorandum, “New AI Executive Order Calls for Frontier Model Security, Early Government Access and AI-Enabled Cyber Defense,” dated June 9, 2026, and available here. 

Still, there is a deeper and unfulfilled significance to this martial arts festival. Boxing and martial arts are small stuff to a president who wants to be measured on the scale of a Julius Caesar. In that light, his natural goal should be a revival of the ancient Roman tradition of gladiator matches, just like those that used to pack the Roman Colosseum. Imagine the following: Trump would sit in a facsimile of the Emperor’s box, gilded in gold and overlooking the arena below. Using only the weapons as employed back then, the contestants would salute the President in unison, saying “We who are about to die salute you President Trump.” These words would bring a small tear to the President’s eye.

The contestants would then compete to the death, but the victorious gladiator could not finish off a defeated opponent until the victorious gladiator looked up to the President and saw him signal either “thumbs up” or, more likely, “thumbs down”—again with a small tear in his eye. The contestants would be rewarded out of the proceeds of a $1.8 billion slush fund that the courts have frozen but could accept if the use of the funds was changed to a national educational project. The purpose of this project would be to teach Americans the ancient Roman virtues (as perceived by President Trump)—namely, Stoicism, Obedience to orders, and Absolute Loyalty to one’s leaders.[1]

But, wouldn’t this contest still amount to a conspiracy to commit murder or at least illegal dueling? Remember here that the Supreme Court has granted legal immunity to presidents from criminal liability for acts taken in office. Further, Trump’s “thumbs up” and “thumbs down” signals could be construed as responses to requests for pardons or reprieves (at least according to Trump’s imaginative legal staff). Neither the granting nor denial of a pardon request is subject to judicial review. Finally, the victor in these duels could be guaranteed a presidential pardon. To make the President’s pardon power complete, the District of Columbia laws forbidding murder, dueling, or like crimes could be transferred to federal law so that they were covered by the presidential pardon power. Nice legal thinking, staff.

Some other cosmetic changes are also needed to elevate the scale of this event.  Historically, the month of July was originally named Quintilis, but Romans renamed that month July in honor of Julius. Correspondingly, the U.S. could rename June (which contains Trump’s birthday) to become “Trumpus”—just a small act of thanks for a man who has done so much to so many.

This still leaves open the question of why anyone would volunteer to be a gladiator given the high mortality rate. Here, the Trump legal staff has shown its unique ability to focus pressure on those it wants to comply. Unlawful immigrants who volunteer to become gladiators and their families would receive guaranteed U.S. citizenship. Some immigrants would be literally dying to receive this honor.

This June’s UFC Freedom 250 event will be broadcast by Paramount, which has an important merger pending before the President. In the future, Fox News will handle the broadcasts. The prediction markets also want to participate in these events. They are less interested in betting on the victors than handling the betting on how frequently (if ever) Trump will give the thumbs up signal: once, twice, or zero.

Could there be any hitch in these plans? The Trump legal staff has been discussing this quietly with a variety of legal and political experts. Most believe that they can convince a majority of the Supreme Court to uphold their plans and give a broad construction to the pardon power. But recently, strange messages have been received from unknown hackers, saying only “Sic semper tyrannis.” What could that mean in this context? Well, that is too speculative a question. Hey, let’s just relax and enjoy the games. Happy Birthday, Mr. President.

ENDNOTE

[1] The Romans did not fully learn this message of absolute loyalty to their leader, as Brutus proved to Caesar. Shakespeare quotes Brutus as saying, “Sic semper tyrannis.” We will not insult your intelligence by translating the Latin.

John C. Coffee, Jr. is the Adolf A. Berle Professor of Law at Columbia University Law School and Director of its Center on Corporate Governance.