As explained in a prior blog post, on January 21, 2025, President Trump signed Executive Order 14173 (“Ending Illegal Discrimination and Restoring Merit-Based Opportunity”) (the “EO”), establishing new requirements for federal contractors and grant recipients to agree that their compliance with federal anti-discrimination laws is “material to the government’s
Continue Reading Federal Appeals Court Reinstates Provisions of DEI Executive OrdersGerman SA Checks Whether Online Retailers Allow Consumers to Make Purchases Without Creating an Account
Posted in EU Law and Regulatory, Germany
In January 2025, the German Supervisory Authority of Hamburg (“HSA”) examined the practices of online retailers based in Hamburg as to whether they allowed consumers to make purchases without creating a user account. This was mentioned in a press release issued by the HSA regarding a ruling by the Hamburg Higher Regional Court confirming a HSA’s decision that online retailers may, in certain circumstances, require consumers to create a user account. This, in turn, follows the guidance published by the German supervisory authorities (“German SAs”) in 2022 (in German), which stated that online retailers generally may not require consumers to create a user account in order to make a purchase.
Background: German SAs’ Guidance
According to the German SAs, there may be practical reasons for consumers to create an account for online purchases (e.g., to keep relevant information for future purchases), but it cannot be assumed that they are always interested in doing so. Therefore, consumers should be able to shop online without creating an account.
With respect to the processing of the consumer’s account information (e.g., username, password, order history), the German SAs take the view that the creation of an account is generally not necessary for the performance of the purchase contract so that the online retailer generally may not rely on this legal basis (Article 6(1)(b) GDPR). However, the German SAs also recognized that there may be situations where online retailers may require consumers to create an account, for example, specialized dealers for certain professional groups. In any case, the online retailer must limit the processing of the personal data to the extent necessary in order to comply with the data minimization principle (Article 5 (2) (c) GDPR). For example, if a consumer chooses not to create an account, the online retailer should only collect and further process the data necessary to fulfill the order and should delete the data after that fulfillment, unless the online retailer is required by law to archive the data.
In the absence of “contractual performance” as a legal basis (see above), the online retailer requires the consumer’s consent (Article 6(1)(a) GDPR) for the processing of his or her data in connection with the creation of an account, according to the German SAs. As this consent must be freely given, the consumer should have the choice to make a purchase with or without a user account. Consumers that choose not to create a user account should not suffer any disadvantages; in particular, the online trader should not make it more difficult to place an order or reduce the level of security for the protection of personal data.
For consumers who choose to create an account, online retailers may only use account information (such as order history) for advertising purposes if they obtain separate consent from the consumer. They also need separate consent to retain consumers’ payment information for future purchases.Continue Reading German SA Checks Whether Online Retailers Allow Consumers to Make Purchases Without Creating an Account
FCC Announces “In Re: Delete, Delete, Delete” Docket in Support of Deregulatory Agenda
By Matthew DelNero & Andrew Longhi on
Posted in Regulatory
On March 12, 2025, the Federal Communications Commission (FCC) issued a Public Notice to announce it is seeking comment on whether any FCC rules, regulations or guidance documents should be removed due to the stated purpose of “alleviating unnecessary regulatory burdens.” The FCC opened the new “In Re: Delete, Delete…
Continue Reading FCC Announces “In Re: Delete, Delete, Delete” Docket in Support of Deregulatory AgendaEU’s Reaction to New U.S. Tariffs on Steel and Aluminum
Posted in EU Law and Regulatory, Tariffs
On 12 March, the European Commission responded to the imposition of new U.S. tariffs on EU steel and aluminum imports. The Commission pledged to implement “swift and proportionate countermeasures on U.S. imports into the EU,” signaling a firm stance while leaving the door open for future negotiations.
Announced Countermeasures under the Enforcement Regulation
The EU’s response is made up of two measures:
- The reinstatement of 2018 and 2020 EU additional ad valorem duties on certain U.S. imports (“Old Rebalancing Measures”): In 2018, the first Trump Administration introduced 25% and 10% tariffs on EU steel and aluminum exports, respectively, under Section 232 of the Trade Expansion Act of 1962. As a response, the EU adopted a list of additional ad valorem duties on certain U.S. imports. In 2020, the first Trump Administration extended the tariffs to cover certain steel and aluminum derivative products. The EU then adopted a broader list of additional ad valorem duties on certain U.S. imports. Adopted under the Enforcement Regulation, these Old Rebalancing Measures were designed to maximize political pressure on the first Trump Administration to rescind its tariffs. They were suspended in 2023 following an agreement with the Biden Administration.
As the suspension of the Old Rebalancing Measures expires automatically on 31 March, the Commission will reimpose them. These Old Rebalancing Measures cover approximately €8 billion worth of EU imports from the U.S., intended to be proportionate to addressing the economic damage inflicted by the U.S. tariffs, and concern products ranging from boats to bourbon to motorbikes.
- New EU measures under Article 5 of the Enforcement Regulation (“New Rebalancing Measures”): In response to the fresh U.S. tariffs impacting another €18 billion of EU exports, the Commission now plans to roll out new or additional ad valorem duties under Article 5 of the Enforcement Regulation (see the suggested product list). A stakeholder consultation is open for comment from 12–26 March, gathering input from affected industries. Following this, the Commission will draft an implementing act and consult Member States through the comitology procedure (as provided by the Enforcement Regulation). The implementing act is scheduled to take effect mid-April, bringing the total value of U.S. exports potentially impacted by the Old and New Rebalancing Measures to €26 billion.
Continue Reading EU’s Reaction to New U.S. Tariffs on Steel and Aluminum
New Artificial Intelligence Legislation in Mexico
Since 2020, over 60 bills have been introduced in the Mexican Congress seeking to regulate artificial intelligence (AI). In the absence of general AI legal framework, these bills have sought to regulate a broad range of issues, including governance, education, intellectual property, and data protection. Mexico lacks a comprehensive national…
Continue Reading New Artificial Intelligence Legislation in MexicoFebruary 2025 AI Developments Under the Trump Administration
By Nooree Lee, Robert Huffman, Ryan Burnette & August Gweon on
Posted in Artificial Intelligence (AI)
This is part of an ongoing series of Covington blogs on the AI policies, executive orders, and other actions of the Trump Administration. The first blog summarized key actions taken in the first weeks of the Trump Administration, including the revocation of President Biden’s 2023 Executive Order 14110 on the “Safe, Secure, and Trustworthy Development and Use of AI” and the release of President Trump’s Executive Order 14179 on “Removing Barriers to American Leadership in Artificial Intelligence” (“AI EO”). This blog describes actions on AI taken by the Trump Administration in February 2025.
White House Issues Request for Information on AI Action Plan
On February 6, the White House Office of Science & Technology Policy (“OSTP”) issued a Request for Information (“RFI”) seeking public input on the content that should be in the White House’s yet-to-be-issued AI Action Plan. The RFI marks the Trump Administration’s first significant step in implementing the very broad goals in the January 2025 AI EO, which requires Assistant to the President for Science & Technology Michael Kratsios, White House AI & Crypto Czar David Sacks, and National Security Advisor Michael Waltz to develop an “action plan” to achieve the AI EO’s policy of “sustain[ing] and enhance[ing] America’s global AI dominance in order to promote human flourishing, economic competitiveness, and national security.” The RFI states that the AI Action Plan will “define the priority policy actions needed to sustain and enhance America’s AI dominance, and to ensure that unnecessarily burdensome requirements do not hamper private sector AI innovation.”
Specifically, the RFI seeks public comment on the “highest priority policy actions” that should be included in the AI Action Plan and encourages respondents to recommend “concrete” actions needed to address AI policy issues. While noting that responses may “address any relevant AI policy topic,” the RFI provides 20 topics for potential input. These topics are general and do not include specific questions or areas where particular input is needed. The topics include: hardware and chips, data centers, energy consumption and efficiency, model and open-source development, data privacy and security, technical and safety standards, national security and defense, intellectual property, procurement, and export controls. As of March 13, over 325 comments on the AI Action Plan have been submitted. The public comment period ends on March 15, 2025. Under the EO, the finalized AI Action Plan must be submitted to the President by mid-October of 2025.Continue Reading February 2025 AI Developments Under the Trump Administration
Preparing Now for Expected Congressional Oversight: Newly Released Oversight Plans Signal Investigations of Private Parties
By Perrin Cooke, William Sokolove & Stephanie Nnadi on
Posted in Congressional Action
Recently, three key investigative committees of the House of Representatives—the Oversight and Government Reform Committee, Judiciary Committee, and Energy and Commerce Committee—each adopted their respective committee’s oversight plan for the new Congress, offering a window into the committees’ investigative priorities for the next two years. The newly adopted oversight plans provide insights into the companies and industries most likely to draw congressional scrutiny from these three significant committees.
Under clause 2(d) of Rule X of the House, each authorizing committee is required to adopt and submit an oversight plan to the Committee on Oversight and Government Reform and the Committee on House Administration by March 1 after the start of a new Congress. The Oversight and Government Reform Committee collects the individual oversight plans and later publishes a comprehensive collection by April 15.
With some exceptions, the current oversight plans described below align with the plans adopted by these committees in the last Congress, and the Republican Members of the committees rebuffed the Democratic Members’ efforts to expand the plans to encompass oversight of the new Trump Administration. During a series of contentious markups, the committees rejected various amendments that would have expanded the scope of the oversight plans to include reviews of the Trump Administration directives, federal funding freezes, the activities of the Department of Government Efficiency, and other topics. As a result, the oversight plans tend to focus on private sector investigations, suggesting that investigations of private sector interests may take an outsized role in these committees’ oversight activities in the current Congress.
Below we highlight those elements of the committees’ oversight plans that are mostly likely to have implications for private sector entities. The plans are especially relevant to clients in industries including energy and environment, aerospace and defense, communications, technology, artificial intelligence, higher education, and pharmaceuticals.Continue Reading Preparing Now for Expected Congressional Oversight: Newly Released Oversight Plans Signal Investigations of Private Parties
Flurry of Trump Administration Executive Orders Shakes Up Tech Policy, Creates Industry Opportunities
By Holly Fechner & Matthew Shapanka on
Since taking office, President Trump has issued dozens of executive orders, many addressing key technology policy areas that include international trade and investment, artificial intelligence (AI), connected vehicles and drones, and trade controls. Some of these executive actions reverse the previous administration’s efforts on these issues—such as the order revoking President Biden’s October 2023 executive order on Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence—and others initiate a formal review process, suggesting the Trump Administration will preserve, and perhaps strengthen or enhance, key tech policies implemented by the Biden Administration and the first Trump term.
Several of the executive actions President Trump has taken so far offer important opportunities for stakeholders to weigh in with Executive Branch agencies as they consider next steps, including whether to revoke, expand, or retain tech policies initiated under President Biden. Key initiatives include:
America First Trade Policy
The President’s America First Trade Policy memorandum, issued on January 20, directs certain federal agencies to review policies issued by the Biden Administration. The memo does not provide specifically for public comment opportunities with respect to these policy reviews, but it provides insight into how the Administration may modify Biden Administration policy actions. We recommend that interested stakeholders engage to share their views with the Administration. Three critical areas in particular will affect stakeholders across tech industries:
- China and Intellectual Property: Section 3(e) of the memo directs the Commerce Secretary to the assess the status of United States intellectual property rights such as patents, copyrights, and trademarks conferred upon PRC persons” and to “make recommendations to ensure reciprocal and balanced treatment of intellectual property rights with the PRC.”
- Connected Vehicles: Section 4(d) The memo directs the Commerce Secretary to “review and recommend appropriate action with respect to the rulemaking by the Office of Information and Communication Technology and Services (ICTS) on connected vehicles.” The memo specifically directs the Secretary to consider whether ICTS controls should be “expanded to account for additional connected products.”
- Outbound Investment: Section 4(e) of the President’s memo directs the Treasury Secretary, in consultation with the Commerce Secretary, to review whether President Biden’s outbound executive order “should be modified or rescinded and replaced,” and to “assess whether the [Treasury Department outbound investment regulation] includes sufficient controls to address national security threats.” This review dovetails with the President’s America First Investment Policy memo, issued on February 21, which equates U.S. national security and U.S. economic security, and directs agencies to streamline regulatory reviews to promote foreign investment in the United States.
European Commission Publishes Automotive Industrial Action Plan
Posted in EU Law and Regulatory
On March 5, 2025, the European Commission published the Industrial Action Plan for the European Automotive Sector. This plan outlines measures to strengthen the competitiveness of the European automotive industry and to accelerate the transition to zero-emission mobility in the EU. This plan is the result of the “Strategic Dialogue” that has been taking place in Brussels in the last month between vehicle manufacturers in the EU and EU officials. The plan announces a catalogue of initiatives to be adopted by the Commission, but the expected timelines and the interplay between different initiatives is not always clear. This blog summarizes some of the initiatives likely to be relevant to stakeholders in the EU automotive industry—particularly those in the electric vehicle (“EV”) supply chain.Continue Reading European Commission Publishes Automotive Industrial Action Plan
European Health Data Space Published
By Kristof Van Quathem on
On March 5, 2025, the Regulation on the European Health Data Space (“EHDS”) was published in the Official Journal (see here). The text enters into force on March 25, 2025, however it only becomes applicable in a staggered manner over several years.
The section on secondary use of the…
Continue Reading European Health Data Space Published