Photo of Stephen C. Piepgrass

Stephen C. Piepgrass

Subscribe to Stephen C. Piepgrass's Posts

Stephen leads the firm’s Regulatory Investigations, Strategy + Enforcement (RISE) Practice Group. He focuses his practice on enforcement actions, investigations, and litigation. Stephen primarily represents clients engaging with, or being investigated by, state attorneys general and other state or local governmental enforcement bodies, including the CFPB and FTC, as well as clients involved with litigation, with a particular focus on heavily regulated industries. He also has experience advising clients on data and privacy issues, including handling complex investigations into data incidents by state attorneys general other state and federal regulators. Additionally, Stephen provides strategic counsel to Troutman Pepper’s Strategies clients who need assistance with public policy, advocacy, and government relations strategies.

Follow:Read more about Stephen C. PiepgrassStephen C.'s Linkedin Profile

The U.S. Department of Health and Human Services (HHS) has drawn criticism for heavily redacting a recommendation letter to the U.S. Drug Enforcement Administration (DEA) concerning the rescheduling of cannabis. HHS said the redactions were justified under Exemption 5 of the Freedom of Information Act (FOIA), which protects inter-agency or intra-agency memorandums or letters that would not be available by law to a party other than an agency in litigation with the agency. As Stephen C. Piepgrass, Agustin E. Rodriguez, Jean Smith-Gonnell, and Cole White noted in a recent article published by Law360, this has sparked debates about the balance between necessary secrecy and the public’s right to government information. Legal challenges to these redactions are expected. The deliberative process privilege, which safeguards deliberative discussions within government corridors, is often invoked in the context of FOIA.

Since 1967, the federal Freedom of Information Act (FOIA) has provided the public with the right to access records or information from any federal agency, except those records protected under legal exemptions. Each state has implemented its own public records laws, with differences regarding how such records are retained and who they can be shared with, as well as nuances among state guidelines for response times, exemptions, fees, and which branches of government are included.

This article was originally published on December 12, 2023 in Reuters and Westlaw Today. It is republished here with permission.

It is indeed a tangled regulatory web woven to potentially trap an organization in the wake of a data incident. Navigating this web can involve significant resources, time, and stress. As we discussed in part two of this series, “Your organization has suffered a data incident: Now here are the regulators it will likely encounter,” Reuters Legal News and Westlaw Today, Oct. 16, 2023, there is no shortage of regulators likely to come calling. Organizations therefore have little margin for error when assessing and responding to an incident.

The principle of open government is foundational to a healthy democracy, and the availability of government records upon request from the public is one of its chief cornerstones. In the U.S., the primary mechanism by which the public gains access to government records is the Freedom of Information Act (FOIA).[1] FOIA serves as a pivotal tool for ensuring governmental transparency by allowing the public to make requests to governmental entities to access specific government records.

In the latest episode of Regulatory Oversight, Troutman Pepper RISE attorneys Jean Gonnell and Cole White are joined by AGA’s Bruce Turcott, legal editor of the Cannabis Law Deskbook, to discuss the evolution of cannabis regulation in Colorado and Washington, the first two states to legalize marijuana. They discuss the challenges and successes of implementing cannabis laws, including the development of licensing systems, the impact of local authority on licensing, and the role of receiverships in the industry.

In the latest episode of Regulatory Oversight, Gene Fishel and Mike Lafleur welcome Pat Moore and Jared Rinehimer from the Massachusetts Attorney General’s (AG) Office to discuss online sports wagering. They cover the recently enacted Massachusetts Sports Wagering Act, the associated role of the Massachusetts Gaming Commission, related rules addressing advertising and data privacy, and the overall concerns of the AG’s office.

The U.S. Environmental Protection Agency (EPA) has formally withdrawn cybersecurity rules it promulgated in March requiring that states report cybersecurity threats to their public water systems (PWS). The reversal comes in the wake of lawsuits filed in the Eighth Circuit in July by Missouri, Arkansas, and Iowa (the states), along with intervenors American Water Works Association and National Rural Water Association (the water associations). As a result of the withdrawal, the states and water associations filed to dismiss their suits.

This article was originally published on October 16, 2023 in Reuters and Westlaw Today. It is republished here with permission.

Government regulators are seemingly as numerous as the stars nowadays, especially in the universe of data incidents. When organizations experience a data incident, they will need to quickly assess what happened, why it happened, and who (e.g., clients, consumers, vendors, employees) was affected. They will also need to chart a course by which they resolve the incident while limiting their legal exposure.

As predicted in our previous articles, the “right to repair” movement continues to garner support as more state governments consider legislating in this area. We previously reported that in 2021, 27 states had pending legislation addressing “right to repair” laws (discussed in our previous article here). Already this year, 33 states have considered some form of “right to repair” legislation.[1] The latest of these legislative efforts comes out of California, where on September 13, the Senate unanimously passed SB-244, the Right to Repair Act.[2] Once Governor Newsom signs the bill into law, California will join Colorado, New York, and Minnesota as the fourth state to enact the “right to repair” legislation.[3] We expect more states to follow.