On 15 January 2025, the European Commission published an action plan on the cybersecurity of hospitals and healthcare providers (the “Action Plan”). The Action Plan sets out a series of EU-level actions that are intended to better protect the healthcare sector from cyber threats. The publication of the Action Plan follows a number of high-profile incidents in recent years where healthcare providers across the European Union have been the target of cyber attacks.

Whilst the Action Plan primarily focuses on healthcare providers including hospitals, clinics, care homes, rehabilitation centres and others, the plan identifies interdependence between those providers and the healthcare industry. Therefore, some of the measures proposed address risks affecting the broader healthcare supply chain and ecosystem, and will potentially have implications for pharmaceutical and biotechnology industry players as well as medical device manufacturers.

The action that will be of most significance for industry is the plan for Member States to request that entities subject to the NIS2 Directive, including healthcare organisations, must report on ransom payments when reporting significant incidents to the competent authority under the NIS2 Directive (section 3.3, p.14). The Action Plan rationalizes this proposal by stating that the collection of further data is needed to understand the effectiveness of measures taken against ransomware attacks, and noting that such reporting would support the effective investigation of incidents. Reporting of ransomware payments is not required by the NIS2 Directive, so this would represent a significant change for in-scope entities. While this is titled a ‘national action’ to be implemented by Q4 2025, it is not immediately clear from the Action Plan if the proposal would take the form of a new EU law that imposes the obligation on Member States or otherwise.Continue Reading European Commission Publishes Action Plan on Cybersecurity of Hospitals and Healthcare Providers

On January 14, 2025, the Biden Administration issued an Executive Order on “Advancing United States Leadership in Artificial Intelligence Infrastructure” (the “EO”), with the goals of preserving U.S. economic competitiveness and access to powerful AI models, preventing U.S. dependence on foreign infrastructure, and promoting U.S. clean energy production to power the development and operation of AI.  Pursuant to these goals, the EO outlines criteria and timeframes for the construction and operation of “frontier AI infrastructure,” including data centers and clean energy resources, by private-sector entities on federal land.  The EO builds upon a series of actions on AI issued by the Biden Administration, including the October 2023 Executive Order on Safe, Secure, and Trustworthy AI and an October 2024 AI National Security Memorandum.

I. Federal Sites for AI Data Centers & Clean Energy Facilities

The EO contains various requirements for soliciting and leasing federal sites for AI infrastructure, including:

The EO directs the Departments of Defense (“DOD”) and Energy (“DOE”) to each identify and lease, by the end of 2027, at least three federal sites to private-sector entities for the construction and operation of “frontier AI data centers” and “clean energy facilities” to power them (“frontier AI infrastructure”).  Additionally, the EO directs the Department of the Interior (“DOI”) to identify (1) federal sites suitable for additional private-sector clean energy facilities as components of frontier AI infrastructure, and (2) at least five “Priority Geothermal Zones” suitable for geothermal power generation.  Finally, the EO directs the DOD and DOE to publish a joint list of ten high-priority federal sites that are most conducive for nuclear power capacities that can be readily available to serve AI data centers by December 31, 2035.

  • Public Solicitations.  By March 31, 2025, the DOD and DOE must launch competitive, 30-day public solicitations for private-sector proposals to lease federal land for frontier AI infrastructure construction.  In addition to identifying proposed sides for AI infrastructure construction, solicitations will require applicants to submit detailed plans regarding:
  • Timelines, financing methods, and technical construction plans for the site;
  • Proposed frontier AI training work to occur on the site once operational;
  • Use of high labor and construction standards at the site; and
  • Proposed lab-security measures, including personnel and material access requirements, associated with the operation of frontier AI infrastructure.

The DOD and DOE must select winning proposals by June 30, 2025, taking into account effects on competition in the broader AI ecosystem and other selection criteria, including an applicant’s proposed financing and funding sources; plans for high-quality AI training, resource efficiency, labor standards, and commercialization of IP developed at the site; safety and security measures and capabilities; AI workforce capabilities; and prior experience with comparable construction projects.  Continue Reading Biden Administration Releases Executive Order on AI Infrastructure

On January 8, 2025, the Consumer Product Safety Commission (“CPSC”) published in the Federal Register a Final Rule that significantly changes the requirements for filing certificates of compliance for imported products under the Consumer Product Safety Act (“CPSA”). The publication of the Final Rule followed the CPSC’s vote to approve the Final Rule on December 18, 2024.

The Final Rule is intended to provide the CPSC and Customs and Border Protection (“CBP”) with significantly more information about imported products, which will likely enhance enforcement against noncompliant products. Companies should take proactive measures to ensure that all imported products comply with the CPSA. They should also prepare for increased scrutiny of products upon import, which may result in delays and potential seizures of products, and ensure that they have processes in place for complying with all aspects of the Final Rule.

The Final Rule makes two major changes to existing CPSC requirements for filing certificates of compliance, which will take effect on July 8, 2026 (except that for products entering from a foreign trade zone for consumption or warehousing, the rule will take effect on January 8, 2027).

First, the Final Rule requires that for all imported products subject to a mandatory safety standard under the CPSA, importers must electronically file (“eFile”) the requisite certificate of compliance at the time of entry with Customs and Border Protection (“CBP”), which will then share the certificate with CPSC. Notably, products claiming a de minimis duty exemption under 19 U.S.C. § 1321 (“Section 321”)—i.e., products valued at less than $800—are also subject to this eFiling requirement. By requiring eFiling of certificates of compliance, including for de minimis products, the Final Rule is intended to improve the CPSC and CBP’s ability to collect data on imported products and bolster their monitoring and enforcement capabilities.

Second, the Final Rule newly defines the term “importer” in the CPSC regulations to be synonymous with the importer of record (“IOR”). This change places the responsibility for filing certificates of compliance for most imported products on the IOR. However, if the IOR is a customs broker, the broker is responsible for filing the certificate but can designate the “owner, purchaser, or consignee” as legally responsible for complying with the CPSC’s testing and certification requirements, including for the accuracy and validity of the data submitted on the certificate.

For mail and de minimis shipments, which do not have an IOR, the Final Rule clarifies that the “importer” can be an owner, purchaser, consignee, or authorized customs broker. Similar to products that do not fall under the de minimis exemption, the customs broker may file the certificate for a de minimis shipment but identify the owner, purchaser, or consignee as the party responsible for compliance. Continue Reading CPSC Revises Requirements for Certificates of Compliance

Yesterday, the FAR Council issued a proposed rule that would update the U.S. Government’s approach to organizational conflicts of interest (OCIs).  While the proposed rule is not finalized and may change in response to forthcoming comments from interested parties, the proposed rule contemplates major changes to the FAR’s existing framework in this area.  In this post, we summarize the background leading up to the proposed rule and highlight key areas of proposed change.

Background

The proposed rule is the latest installment in a years-long effort by Congress, GAO, and the FAR Council to update the OCI guidance in the FAR.  Many years ago, in 2011, the FAR Council issued a proposed rule to amend the FAR’s guidance on OCIs with a particular focus on OCIs related to unequal access to nonpublic information.  The 2011 proposed rule was motivated in part by a GAO report recommending that the FAR Council provide additional protections for contractors accessing sensitive information.  

The 2011 proposed rule was never finalized and was ultimately withdrawn in 2021.  Many of the key changes in the most recent proposed rule, however, were foreshadowed by the 2011 proposed rule.  For example, the 2011 proposed rule would have moved OCI guidance to FAR Part 3, allowed agencies to determine that a risk is acceptable in the context of impaired objectivity OCIs (without requiring a formal waiver), and provided standard solicitation provisions and contract clauses.

As previously discussed on this blog, in December 2022 Congress passed the ‘‘Preventing Organizational Conflicts of Interest in Federal Acquisition Act” (the Act), which directed the FAR Council to issue new rules for OCIs.  The Act itself did not establish any new OCI standards but directed the FAR Council to: (1) provide definitions of the different types of OCIs; (2) provide illustrative examples of OCIs, including in situations where contractors’ other clients may have interests that potentially conflict with those of the contracting agency; and (3) provide solicitation provisions and contract clauses, but allow executive agencies to tailor them.  The proposed rule gives effect to each of these three mandates, and makes other significant changes as well.Continue Reading The Proposed FAR Rule on OCIs: Big Changes May Be Coming

On January 10, 2025, the U.S. Department of the Treasury and U.S. Department of State intensified sanctions against Russia with new measures targeting Russia’s energy sector. According to the Treasury Department’s press release, these measures are intended “to fulfill the G7 commitment to reduce Russian revenues from energy” and “substantially increase the sanctions risks associated with the Russian oil trade.”

The new U.S. sanctions include a determination by the U.S. Department of the Treasury authorizing the imposition of property-blocking sanctions against any person who is determined by the Treasury Secretary or Secretary of State (in consultation with one another) to operate or have operated in the Russian energy sector, and a determination issued by the U.S. Department of the Treasury’s Office of Foreign Assets Control (“OFAC”) prohibiting—effective February 27, 2025—the provision of “petroleum services” from the United States or by a U.S. person to any person located in Russia. In addition, OFAC and the U.S. Department of State collectively designated for property-blocking sanctions more than 400 individuals, entities, and vessels from various countries involved in Russia’s energy sector, including two of Russia’s most significant oil producers and exporters—Public Joint Stock Company Gazprom Neft (“Gazprom Neft”) and Surgutneftegas, along with more than two dozen of their subsidiaries. The designations included more than 180 vessels, many of which are part of Russia’s “shadow fleet” of vessels involved in the trade of Russian oil, as well as several Russian energy executives, oil traders, oilfield service providers, and financial and insurance entities associated with Russia’s energy sector. The designations also covered two active Russian liquefied natural gas (“LNG”) projects and a Russian oil project.

On January 15, 2025, the U.S. Department of the Treasury and U.S. Department of State designated or re-designated under additional sanctions authority nearly 250 individuals and entities for property-blocking sanctions, including actors based in China.

OFAC also issued multiple general licenses related to the above designations, including a general license authorizing until February 27, 2025, transactions ordinarily incident and necessary to the wind down of transactions involving Gazprom Neft and Surgutneftegas, their designated subsidiaries, and entities that they own 50 percent or more, directly or indirectly, individually or in the aggregate, subject to certain conditions. In addition, OFAC revoked a general license that had authorized transactions with certain vessels subject to U.S. property-blocking sanctions due to their ownership, and amended two existing general licenses. One of these amended general licenses, General License 8L (which supersedes General License 8K), significantly narrows the scope of permissible energy transactions involving certain blocked financial institutions to include only wind-down transactions until March 12, 2025.Continue Reading New U.S. and UK Sanctions, Including Related to Russia’s Energy Sector

Economic Turmoil in the UK

The rate on the 10-year benchmark UK government bond has reached levels last seen in 2008. The rate on the 30-year bond stands at a 27-year high. Today, the Government sold £1 billion of bonds at the most expensive terms since 2004 – albeit with apparently good market demand. Sterling has suffered its worst trading losses for over two years. UK debt has risen to nearly 100% of GDP.  Inflation is proving to be sticky (recent OECD data showed the UK with the G7 highest inflation in November) – although today’s inflation figures show a small drop to 2.5%. 

Why is this happening?

International

It would be unfair to heap all the blame at the UK Government’s door.  Many of the factors fuelling the current market turbulence are outside the UK’s control.  The looming twin threats of President Trump’s tariffs and his tight immigration policy, together with rising oil prices (up nearly 10% in the first two weeks of 2025) have stoked global inflationary pressures, leading the world’s most powerful central banks to hold back on cutting interest rates and raising borrowing costs around the world. Markets appear to be pricing in higher US budget deficits and national debt (caused by Trump’s tax-cutting plans) adding to the supply of US Treasury bonds with resulting higher US interest rates and a stronger dollar.  All of which impacts the UK by pushing up  bond UK rates, increasing the deficit and hitting growth. 

Domestic

However, although bond rates are increasing across the globe (France, Spain and Germany have all seen similar increases), the UK does appear to be particularly vulnerable to this current bout of global economic uncertainty. A combination of uniquely-domestic factors (including the resilience of wage growth, service sector prices, and concerns about the inflationary impact of Labour’s tax and spend measures announced in the October Budget) has depressed consumer and business confidence and led to anaemic economic growth.Continue Reading The Political ramifications of the UK’s economic travails

The House Ethics Committee concluded 2024 by releasing a memorandum updating its guidance for Members’ personal use of political campaign funds (“updated guidance”).  While the Federal Election Campaign Act (“FECA”) and Federal Election Commission (“FEC”) regulations prohibit the personal use of campaign funds, House Rule 26.6(b) imposes additional restrictions on the “personal use” of campaign funds by a Member, her or his family, and other persons. 

The updated guidance reminds Members that House Rules are separate from, and in addition to, FEC regulations on the personal use of campaign funds.  Both the Ethics Committee and the FEC have emphasized their separate and independent jurisdiction, meaning that Members, their families and associates who are subject to House rules must comply with both regimes.

Additionally, the Senate also has its own rule (Rule 38.2) prohibiting Senators’ personal use of campaign funds.

While the House Ethics rules and FEC regulations are compatible, they are not identical.  Here are some of the more important distinctions:Continue Reading New House Ethics Committee Memorandum Clarifies Rules on Personal Use of Covered Campaign Funds

On January 2, 2025, the Department of Justice published a Notice of Proposed Rulemaking
(“NPRM”) soliciting public comments on potential amendments to the Department’s regulations
regarding the Foreign Agents Registration Act (“FARA”). The regulatory amendments proposed
by the Department are significant, and they would take the statute in a substantially

Continue Reading Department of Justice Proposes Major Changes to FARA Regulations, Including Sweeping Changes Affecting Multinational Companies

On January 3, 2025, the Federal Trade Center (“FTC”) announced that it reached a settlement with accessiBe, a provider of AI-powered web accessibility software, to resolve allegations that the company violated Section 5 of the FTC Act concerning the marketing and stated efficacy of its software. 

The complaint alleges that

Continue Reading AI Accessibility Software Provider Settles FTC Allegations

On 1 December 2024 the 2025-2029 College of Commissioners took office, led by President Ursula von der Leyen in her second term.

This blog explores what companies can expect from the new European Commission in the field of EU State aid.

Key takeaways

  • The Commission will establish a new State aid framework to allow EU Member States to grant State aid for (i) accelerating the roll-out of renewable energy, (ii) deploying industrial decarbonisation, and (iii) ensuring sufficient manufacturing capacity for clean tech “made in Europe” while preserving cohesion objectives.
  • Approval of State aid for Important Projects of Common European Interest (“IPCEIs”) will be made simpler and faster. The Commission may further expand the scope of IPCEIs to include innovations more broadly and possibly manufacturing projects.
  • The Commission will create a ‘European Competitiveness Fund’, aimed at supporting the development of strategic technologies and their manufacturing in the EU. Depending on its design, this fund may help level the playing field among EU Member States.
  • State aid rules will be revised to enable wider housing support measures, notably for energy efficiency and social housing. Other State aid rules will also undergo a revision during the 2025-2029 mandate, such as aid to the transport sector or for companies in difficulty.

Perpetuation of relaxed State aid rules for the green transition?

President Ursula von der Leyen announced in her political programme for the 2025-2029 mandate the need to have a new Clean Industrial Deal, to decarbonise, and to bring down energy prices.

As a key pillar of the EU Clean Industrial Deal, she called for the establishment of “a new State aid framework” (see mission letter to Executive Vice-President (“EVP”) Ribera, responsible for the ‘Clean, Just and Competitive Transition’ and thus for EU competition policy). This new framework will allow EU Member States to grant State aid for (i) accelerating the roll-out of renewable energy, (ii) deploying industrial decarbonisation, and (iii) ensuring sufficient manufacturing capacity for clean tech in the EU. It will build on the experience of the Temporary Crisis and Transition Framework (“TCTF”) and preserve cohesion objectives.

This new State aid framework may make more permanent the relaxed State aid rules in relation to the green transition.

As a response to the U.S. Inflation Reduction Act, heavily subsidising the green transition, the Commission relaxed the EU State aid rules for the roll-out of renewable energy, industrial decarbonisation, and manufacturing in the EU/EEA of relevant equipment for the transition towards a net-zero economy (for more details, see our blogpost). The TCTF was remarkable in terms of industrial policy because, under general State aid rules, support to large businesses pursuing manufacturing projects is generally considered unnecessary – large companies have access to capital and those measures may be considered highly distortive. Such aid could traditionally only have been authorised by the Commission under strict conditions and in support of a new economic activity in disadvantaged areas under the Commission’s Regional Aid Guidelines (“RAG”).Continue Reading State aid – Outlook for the European Commission’s 2025-2029 Mandate