Katten ESG Guidepost is a monthly publication highlighting the latest news, legal and regulatory developments involving environmental, social and governance matters.

To read more issues of Katten ESG Guidepost, please click here.


CFTC Chairman Behnam Discusses the Regulatory Outlook Towards Voluntary Carbon Markets

By Johnjerica Hodge, India Williams, Nicholas Gervasi

Commodity Futures Trading Commission (CFTC) Chairman Rostin Behnam recently spoke about voluntary carbon markets (VCMs) in a speech entitled "Climate in the Center of Economy." There are two types of carbon markets: compliance markets, which are established by governments that control the supply of credits and regulate their trading, and VCMs, where private buyers and sellers, who are under no formal obligation to achieve a specific target, exchange carbon credits in a more noncentralized manner. Robust VCMs are critical for reducing greenhouse gas emissions and meeting global reduction goals. In highlighting the CFTC's recent work regarding VCMs, Chairman Behnam emphasized that the CFTC is the appropriate regulator for managing climate-related risks as firms and individuals will use derivatives markets to mitigate climate change-induced physical and transition risks. Read about Chairman Behnam's comments.


State Law Requiring PFAS Disclosure Leads to Class Action Lawsuit

By Chris Cole

A Maine law that required (at least until recently amended) consumer products companies to disclose the presence of "intentionally added" per- and perfluoroalkyl substances (PFAS) in products sold within the state has led to the filing of a consumer class action lawsuit against the disclosing company. Butler & Pai v. BIC USA, INC., No. 4:24-cv-02955 (N.D. Cal.) This lawsuit may be a harbinger of future litigation aimed at companies who must make similar disclosures in order to comply with a growing number of state PFAS disclosure mandates, such as in New York, Washington, Vermont, Connecticut, Colorado, California, Maine, Maryland, Minnesota, Rhode Island and Hawaii. Read about PFAS disclosure litigation.


Transferability of Renewable Energy Tax Credits: Still Gathering Steam

By Harold Davidson, Brandon Hadley

The Inflation Reduction Act of 2022 provides for the transferability of certain renewable energy tax credits, including the investment tax credit (ITC). Although transferability deal volume has certainly increased in the last year, the market remains in a state of growth. As additional guidance continues to be released by the Internal Revenue Service (IRS) and as the market continues to mature, below are various transferability insights both developers and investors should keep in mind as they consider entering into credit transfer transactions, including with respect to pricing, transaction costs and timing, federal income tax consequences to buyers and sellers of the credits, recapture and more. Read about transferable renewable energy tax credit trends.


Danette Edwards Talks SEC Cyber News and CISO Challenges With the Gula Tech Adventures Podcast

Partner and Securities Enforcement Defense Co-Chair Danette Edwards was a guest on the Gula Tech Adventures podcast. She talked about her career trajectory, including her recent decade-plus tenure at the Securities and Exchange Commission's (SEC) Enforcement Division. Danette discussed new SEC regulations regarding cybersecurity requirements for public companies and regulated entities and provided insights into the implications of these rules for Chief Information Security Officers (CISOs). Read about Danette's comments.


The Office of the National Cyber Director Releases 2024 Report on Cybersecurity Posture

By Trisha Sircar

On May 7, the Office of the National Cyber Director (ONCD) released the 2024 Report on the Cybersecurity Posture of the United States (the Report). The Report outlines the top trends of 2023, which include evolving risks to critical infrastructure, ransomware, supply chain exploitation, commercial spyware and artificial intelligence. Read about the report findings.


Minnesota Becomes the Next State to Enact a Comprehensive Data Protection Law

By Trisha Sircar

On May 24, Minnesota Governor Tim Walz signed the Minnesota Consumer Data Privacy Act (MCDPA), which will go into effect on July 31, 2025. The law applies to entities that within a calendar year: (1) control or process personal data of at least 100,000 Minnesota residents; or (2) derive over 25 percent of their gross revenue from selling personal data and process or control personal data of at least 25,000 Minnesota residents within a calendar year. Read about the MCDPA.


Canada's Privacy Regulator Launches New Tools for Data Breach Reporting

By Trisha Sircar

On May 24, the Office of the Information and Privacy Commissioner of Canada (OPC) issued new guidance relating to data breach reporting for federal institutions and businesses. The OPC has launched a new online breach reporting form for federal institutions subject to the Privacy Act and has also updated its online breach reporting form for businesses subject to the Personal Information Protection and Electronic Documents Act (PIPEDA). These forms are intended to make the process more seamless and efficient. The new system also permits businesses with the ability to update existing reports.


The European Data Protection Supervisor Issues Guidelines for Generative Artificial Intelligence

By Trisha Sircar

On June 3, the European Data Protection Supervisor (EDPS) published guidelines on generative AI and personal data for EU institutions, bodies and agencies. The guidelines aim to help these organizations comply with the data protection obligations set out in Regulation (EU) 2018/1725 when using or developing generative AI tools. Read about EDPS guidelines.