Our webinar series on the European Commission’s draft guidelines on Article 102 is now available on demand here. The series, hosted by Kevin Coates, a former European Commission head of unit and an antitrust partner in Covington’s Brussels office, is in three parts. 

In the first webinar, Massimiliano

Continue Reading European Commission’s draft guidelines on Article 102 – webinar series

On November 20, 2024, the Federal Communications Commission (the “Commission”) issued a Second Report and Order in which it adopted rules (“the Order”) to facilitate the transition to from Dedicated Short Range Communications (“DSRC”) technology to Cellular-Vehicle-to-Everything (“C-V2X”) technology for the Intelligent Transportation System (“ITS” also referred to as the

Continue Reading FCC Adopts Rules Facilitating the Transition to C-V2X Technology for the Connected Vehicle Ecosystem

Last month we provided an update on the UK Government’s draft post-market surveillance statutory instrument (“PMS SI”) and the UK Medicines and Healthcare products Regulatory Agency’s (“MHRA’s”) intention to run a further public consultation on proposed changes to pre-market medical device regulation under an upcoming statutory instrument (“Pre-Market SI”).

On 14 November 2024, the MHRA launched a consultation on proposed pre-market regulatory changes for medical devices and in vitro diagnostic (“IVD”) devices (the “Consultation”).  The MHRA intends to incorporate the feedback from the Consultation in drafting the Pre-Market SI.

The Consultation, which is open until 5 January 2025, addresses four areas of the future regulatory framework for medical devices in Great Britain (“GB”):

  1. International Reliance Scheme
  2. UK Conformity Assessment (“UKCA”) Marking
  3. In Vitro Diagnostic Devices
  4. Assimilated EU Law

It builds on the MHRA’s previous consultation in November 2021 (see our update here) and the responses to that consultation.

In the Ministerial Foreword to the Consultation, the Government makes clear that its reforms to the regulatory framework for medical devices in GB are focused on improving “timely access to high-quality healthcare”.  However, the Government recognises that this aim must be balanced with ensuring confidence in the safety and effectiveness of “groundbreaking medical devices”.

We discuss the four areas of the Consultation below.Continue Reading MHRA Consults on New UK Pre-Market Medical Device Measures

On 18 November 2024, the International Energy Agency (“IEA”) published a detailed 163-page Report titled “Recycling of Critical Minerals: Strategies to Scale Up Recycling and Urban Mining” (the “Report”). The Report emphasizes the importance of recycling in securing the supply of essential minerals – such as copper, lithium

Continue Reading Regulatory Insights from the IEA’s New Report on Recycling Critical Raw Materials

The European Medicines Agency (EMA) has announced that it will expand its activities under its clinical data publication policy (CDP Policy, also known as Policy 0070) to cover all clinical data submitted under new marketing authorization applications (MAAs) for medicinal products as well as any applications for line extensions or new indications, or where the MAA results in a negative opinion or is otherwise withdrawn.  These expanded activities are due to apply for MAAs submitted from April 2025 onwards.

The EMA originally implemented its CDP Policy in October 2016.  The policy provides a proactive obligation on the EMA to publish clinical data submitted to the agency under any MAA submitted via the EU centralized procedure.  However, the EMA has faced challenges during implementation of the policy due to operational constraints.  The CDP Policy therefore currently only applies to the following centralized procedures:

  • applications for COVID-19 medicines; and
  • initial MAAs for new active substances that receive a positive or negative opinion from the Committee for Medicinal Products for Human Use (CHMP), or which are withdrawn.

The latest announcement from the EMA means that line extensions and applications for major clinical Type II variations (such as the extension of indications) will similarly be subject to the CDP Policy from April 2025.  However, biosimilar, hybrid and generic MAAs are still excluded from the scope of the CDP Policy.  These types of applications usually include limited clinical data, and the EMA had observed that these data sets were infrequently accessed by the public when previously made available under the CDP Policy.

What clinical data is subject to the CDP Policy?

The CDP Policy applies to the following categories of data submitted with a centralized procedure MAA:

  • the clinical overview, which provides a critical analysis of the clinical data in the submission package, including the conclusions and implications of the clinical data;
  • the clinical summary, which provides a detailed factual summarization of all the clinical information submitted;
  • the study reports for the individual clinical studies; and
  • three appendices to the clinical study reports, namely the study protocol, the sample case report form used to record information on an individual patient, and documentation of the statistical methods used to analyze the data.

Continue Reading EMA Clinical Data Publication Policy to Cover All New Marketing Authorization Applications, Line Extensions and Major Clinical Type II Variations Starting Q2 2025

On November 14, 2024, GAO released its Bid Protest Annual Report to Congress for Fiscal Year 2024, which provides bid protest statistics and other interesting information regarding GAO’s protest system.

  • The number of protest filings decreased by 11% from FY23.  After a 22% increase between FY22 and FY23 to
Continue Reading GAO’s Annual Bid Protest Report: Fiscal Year 24 Protest Filings and Sustain Rate Fell after Unusually High Fiscal Year 23

At the end of his prior administration, President Trump tried to overhaul the federal workforce by making it easier to remove a substantial number of federal employees. With his incoming administration, President-elect Trump may try to do so again. Though Presidents have broad authority over federal employees, these renewed efforts may face new legal challenges because of a recent Biden Administration rule specifically intended to prevent a rollback of civil service protections.  Importantly, the rule itself recognizes federal employees’ long-standing reliance interests in their jobs that could make rescinding the new rule particularly difficult.

To go back to the end of the previous Trump Administration, on October 21, 2020, President Trump issued an “Executive Order on Creating Schedule F in the Excepted Service.”  That order created a new Schedule F for “[p]ositions of a confidential, policy-determining, policy-making, or policy-advocating character not normally subject to change as a result of Presidential transition.”  Simply put, it would have allowed the President to treat some career civil servants as political appointees and exempt them from Civil Service Rules and Regulations, including protections from removal, thereby giving the President expanded authority to remove federal employees at will.

Though President Trump’s order never went into effect, the Biden Administration nonetheless finalized a rule on April 4, 2024, that clearly responded to it.  That rule, titled “Upholding Civil Service Protections and Merit System Principles,” “clarifies and reinforces longstanding civil service protections and merit system principles[.]”  Interestingly, the rule’s preamble directly addresses a situation where “a future Administration,” such as the incoming Trump Administration, “seeks to rescind this rule and replace it with [Schedule F].”  The preamble goes on to read as a roadmap of the significant hurdles rollback efforts would face.  With that framing in mind, the rule explains that a future Administration, in complying with the Administrative Procedure Act (“APA”), would need to:Continue Reading Civil Service Protections in the Trump Administration

On October 16, 2024, the U.S. Cybersecurity and Infrastructure Security Agency (“CISA”) and the Federal Bureau of Investigation (“FBI”) published guidance on Product Security Bad Practices (the “Guidance”) that identifies “exceptionally risky” product security practices for software manufacturers.  The Guidance states that the ten identified practices—categorized as (1) Product Properties, (2) Security Features, or (3) Organizational Processes and Policies—are “dangerous and significantly elevate[] risk to national security, national economic security, and national public health and safety.”

The Guidance offers recommendations to remediate each of the identified practices and states that adoption of the recommendations indicates software manufacturers “are taking ownership of customer security outcomes.”  Provided below are the ten practices and associated recommendations.

I.               Product Properties

  • Development Not in Memory Safe Languages – The Guidance recommends software manufacturers protect against “memory safety vulnerabilities,” such as through the use of a memory safe language or protective hardware.
  • Inclusion of User-Provided Input in SQL Query Strings – The Guidance encourages product designs “that systematically prevent the introduction of SQL injection vulnerabilities, such as by consistently enforcing the use of parametrized queries.”
  • Inclusion of User-Provided Input in Operating System Command Strings – The Guidance recommends product designs “that systematically prevent[] command injection vulnerabilities, such as by consistently ensuring that command inputs are clearly delineated from the contents of a command itself.”
  • Presence of Default Passwords – The Guidance suggests the use of (among others) “instance-unique initial passwords,” requiring users to create new passwords during installation, and “time-limited setup passwords.”
  • Presence of Known Exploited Vulnerabilities – The Guidance states that known exploited vulnerabilities (“KEV”) should be patched before a product is deployed.  The Guidance also recommends that software manufacturers should offer a free and timely patch to customers when CISA’s catalog introduces a new KEV and advise customers “of the associated risks of not installing the patch.”
  • Presence of Open Source Software with Known Exploitable Vulnerabilities – The Guidance encourages software manufacturers to make “a reasonable effort to evaluate and secure their open source software dependencies.”  In particular, the Guidance recommends to conduct security scans on the initial and subsequent versions of open source software that are incorporated into the product and “[r]outinely monitor for Common Vulnerabilities and Exposures (CVEs) or other security-relevant alerts . . . in all open source software dependencies and update them as necessary,” among other recommended steps.  The Guidance further encourages the use of “a software bill of materials” to offer to customers.

Continue Reading CISA and FBI Publish Product Security Bad Practices

November 25, 2024, Covington Alert

The inauguration of President Trump on January 20 is expected to bring important changes to U.S. trade policy that are likely to affect companies that supply international customers, or are reliant on global supply chains. As discussed in our prior client alert, international trade is expected to be a key focus of President Trump, who has repeatedly expressed a preference for using tariffs as a policy tool to create perceived leverage for dealmaking with international partners on both economic and non-economic issues. Recent announcements by the Trump transition team regarding cabinet and staff appointments reinforce the view that trade policy under a second Trump administration could involve significant unilateral U.S. action, including the imposition of substantial new tariffs and a hawkish stance toward China. These new tariffs could be implemented swiftly after Trump takes office, or could alternatively be subject to more extensive investigative and reporting procedures, depending on the legal authority invoked. New tariff measures, as well as other trade actions Trump has proposed, could lead to retaliatory responses by U.S. trading partners, including key U.S. allies. This alert explores how trade policy may be implemented by a second Trump administration, and considers how companies may prepare for and mitigate the risks associated with these developments.

Cabinet Nominations and Other Economic Appointees

In recent weeks, Trump has announced several cabinet and staff appointments for his second administration, including individuals responsible for implementing trade policy. Key among them is Howard Lutnick, chairman and CEO of a Wall Street investment firm and co-chair of Trump’s transition team, whom Trump has selected to be Secretary of Commerce. Echoing Trump’s own views, Lutnick has been a strong advocate for using tariffs as an industrial policy tool and bargaining chip to rebalance U.S. trade, though he has suggested tariff measures under a second Trump administration may be more “targeted” than the universal 10 to 20 percent tariffs proposed by Trump during his campaign. In announcing Lutnick’s forthcoming nomination, Trump noted Lutnick would lead the administration’s “Tariff and Trade agenda,” and that he would have direct responsibility over the Office of the United States Trade Representative (“USTR”). As USTR is a separate agency established by Congress within the Executive Office of the President to lead on trade issues, it is uncertain if the announcement was referring to informal oversight over USTR or a formal restructuring of the agency. Should Trump seek to consolidate USTR within or under the Commerce Department, he may face opposition from Congress, whose approval would be required for such a reorganization. Continue Reading Trade Policy Under a Second Trump Administration and Implications for Business

In a new post on the Inside Class Actions blog, our colleagues discuss a new Illinois federal court decision, Gregg v. Cent. Transp. LLC, 2024 WL 4766297, at *3 (N.D. Ill. Nov. 13, 2024), which holds that the state’s recent amendment to its Biometric Information Privacy Act capping

Continue Reading Illinois Federal Court Rules BIPA Single-Violation Amendment Applies Retroactively