ASIC Starts to Crackdown on ICO's

The Australian Securities and Investment Commission (ASIC) released a statement May 1, 2018, informing companies that ASIC will take action against companies that sell digital or virtual tokens via initial coin offerings (ICOs) if their conduct or statements are misleading or deceptive. ASIC is currently issuing inquiries to ICO issuers and their advisors where ASIC identifies conduct or statements that are misleading or deceptive, especially in marketing material and White Papers. ASIC recommends that any company selling something to Australians, whether it is a financial product or a utility token, ensure they are in compliance with the Corporations Act 2001, and are properly licensed if necessary.

 Link to the May 1, 2018, Statement:

The Updated ASIC Information Sheet for ICO and Companies in the Cryptocurrency Space:

Legal Changes for ICO's in Pakistan

On April 6, 2018, the State Bank of Pakistan (SBP) advised that virtual currencies/coins/tokens are neither recognized as a legal tender, nor has SBP authorized or licensed any individual or entity for the issuance, sale, purchase, exchange, or investment in any virtual currency/coins/tokens in Pakistan. Further, banks, development finance institutions, microfinance banks, and payment system operators (PSOs)/payment service providers (PSPs) have been advised not to facilitate their customers/account holders to transact in virtual currencies or initial coin offerings (ICOs). Domestic and international payment and money transfer services in Pakistan are regulated by SBP under applicable laws. In this regard, no entity is currently licensed or authorized by SBP to offer money remittance services and products in Pakistan using virtual currencies/coins/tokens. Persons using virtual currencies/coins/tokens for the purpose of transferring value outside of Pakistan are subject to prosecution as per the applicable laws.



Gagnier Margossian LLP Partner Targeted by Perpetrator in Online Harassment Case

Gagnier Margossian LLP routinely provides legal representation of victims of online harassment, including all forms of cyber exploitation. Unfortunately, an occupational hazard of doing such work is that these perpetrators sometimes turn their tactics on our firm as counsel.

Recently, after successfully advocating for a client who has been maliciously harassed for nearly two years, the perpetrator has decided to turn her attention to one of our partners, Christina Gagnier. The firm has discovered at least one post that is, in the most generous of descriptions,  patently defamatory, disgusting and outrageous.

Gagnier has served as a member of the Federal Communication Commission’s Consumer Advisory Committee and California Attorney General Kamala Harris’ Cyber-Exploitation Task Force. Christina has been a subject matter expert on Cyber Exploitation to California's Commission on Peace Officer Standards and Training (POST).

In addition to her practice, Gagnier is Adjunct Faculty at the University of California at Irvine School of Law, teaching privacy law and serving as clinical faculty for the Intellectual Property, Arts, and Technology Clinic, in which the Clinic creates resources for victims of online harassment. Christina further sits on the Board of Directors of Without My Consent, tackling issues like online harassment and revenge porn. She also recently worked on SB 157, which successfully passed in the California State Legislature.

Christina was also recently published in the most recent edition of Domestic Violence Report with her article “Cyber Exploitation and the Perpetration of Digital Abuse.” The irony does not escape this firm that Christina now finds herself a victim of the behavior she routinely fights against.

The team at GAMALLP wants to make it clear that we will not succumb to harassment in any form.

Join GAMA - We're Hiring

We're Hiring...

Boutique technology litigation and tech transactions shop seeks Associate to join its team. Looking to add someone with a focus on corporate law, securities, and data privacy. Our firm, headquartered in San Francisco, California, splits its practice into a number of areas, including: emerging businesses, business law, data privacy and security, corporate securities and finance, cryptocurrency advisory services, litigation, intellectual property, taxation, international regulatory compliance and Internet law.

General Details:

  • Will evaluate all dynamic candidates, but looking for 3+ years of experience;
  • Must be able to work in a fast-paced, distributed environment and report to partners constantly on the go;
  • Must be able to delegate and effectively communicate with support staff; and
  • Litigation experience and/or securities law experience, particularly Regulation D, a plus.

Either private firm or government agency experience acceptable.

Bonus points for someone who may have also practiced U.S. privacy and data security law (federal and state). Experience with technology industries, issues lying at the intersection of government regulation and technology, or FTC policy and enforcement regarding privacy and data security issues is desirable. EU law experience, esp. GDPR familiarity, even more points.

Further bonus points for someone with experience as securities and finance counsel.

This opportunity is for an initial contract term position for the parties to figure out if it is the “right” fit. Salary commensurate with skill set and experience.

Location: SF, LA, OC, NYC, DC.

Please submit: Cover Letter (direct and well-written - why this sounds cool), Resume, Writing Sample(s), References (3), and any publicly available information relating to litigation or transactions the candidate may have worked on. 

Position on Oxford comma should also be made available. 

Please send materials to

"The Shield": Thoughts on the EU-US Data Privacy Shield

After months of unease for United States companies and their counsel alike, a deal has tentatively been reached by the United States and European Union to continue the flow of cross border data transfer from the European Union to the United States.

As of October 6, 2015, the European Court of Justice invalidated the Safe Harbor Framework in the decision Maximillian Schrems v. Data Protection Commissioner (Case C-362/14). The US-EU Safe Harbor program was a long-standing framework for companies engaging online and transacting data with European customers and users. The absence of the Safe Harbor left many companies scrambling to figure out the best methods to comply with the EU Data Privacy Directive, the EU’s privacy regulatory regime.

The upside of the Safe Harbor program was that it was a means for startup companies who wanted to expand to the European market to avail themselves of a more streamlined approach for privacy compliance in doing so. The cost of compliance through other means for a small company, using devices such as the Model Clauses, proves to be onerous and cost prohibitive in many instances.

Details remain to be hammered out, but the program, to be known as the EU-US Privacy Shield, still needs to be ratified. While the new program will allow companies to continue data transfer, the proposed Shield program has already been met with criticism, not surprisingly, from Max Schrems himself who tweeted,

SUMMARY on new #SafeHarbor: This is 100x more laughable than I would have ever expected from what @VeraJourova is presenting. Back to CJEU?!”

Even with the implementation of a new program, many United States companies, from established retailers to newer web and mobile applications, were not in compliance with the prior Safe Harbor program. If a company is transferring data to and from Europe, selling to European consumers or targeting that market, a hard look should be taken at what is required by companies under the EU Data Privacy Directive. A company finding itself in receipt of an inquiry from a European data protection authority, known as DPA’s, comes with legal and, sometimes, investment consequences.

Despite the likely availability in the coming month of the EU-US Privacy Shield program, companies should be aware that they are now dealing with a heightened awareness and regulatory environment in Europe when it comes to user data and privacy. The Safe Harbor debate is and will continue to remain emblematic of the struggle between protecting user privacy and allowing businesses to transact data in their everyday course of business.