EU Law and Regulatory

Earlier this week, Members of the European Parliament (MEPs) cast their votes in favor of the much-anticipated AI Act. With 523 votes in favor, 46 votes against, and 49 abstentions, the vote is a culmination of an effort that began in April 2021, when the EU Commission first published its proposal for the Act.

Here’s

On February 28, the European Data Protection Board (“EDPB”) announced that EU supervisory authorities (“SAs”) will undertake a coordinated enforcement action in 2024 regarding data subjects’ right of access under the GDPR.  For context, the EDPB selects a particular topic each year to serve as the focus for pan-EU coordinated enforcement.

In 2023, regulators focused

This year’s Munich Security Conference reemphasized the need for Europe to invest in greater defense capabilities and foster a regulatory environment that is conducive to building a defense and technological industrial base. In Munich, President Ursula von der Leyen committed to appointing a European Commissioner for Defence, if she is reselected later this year by the European Council and European Parliament. And the EU is also due to publish shortly a new defense industrial strategy, mirroring in part, the first-ever U.S. National Defense Industrial Strategy (NDIS) released earlier this year by the Department of Defense.

The NDIS, in turn, recognizes the need for a strong defense industry in both the U.S. and the EU, as well as other allies and partners across the globe, in order to strengthen supply chain resilience and ensure the production and delivery of critical defense supplies. And global leaders generally see the imperative of working together over the long-term to advance integrated deterrence policies and to strengthen and modernize defense industrial base ecosystems. We will continue tracking these geopolitical trends, which are likely to persist regardless of electoral outcomes in Europe or the United States.

These developments across both sides of the Atlantic follow on a number of significant new funding streams in Europe over the past couple of years, for instance:

  • The 2021 revision of the European Defense Fund Regulation allocated €8 billion for common research and development projects, meant to be spent during the 2021-2027 multi-annual financial framework (MFF).
  • As a direct response to Ukraine’s request for assistance with the supply of 155 mm-caliber artillery rounds, the EU adopted the 2023 Act in Support of Ammunition Production (ASAP), with a €500 million fund to scale up production of ammunition and missiles.
  • Most recently, the EU adopted the 2023 European Defense Industry Reinforcement through Common Procurement Act (EDIRPA), introduced a joint procurement fund of €300 million to facilitate Member States’ collective acquisition of defense products.
  • The European Peace Facility (EPF), an off-budget instrument, with an overall financial ceiling exceeding €12 billion, is primarily destined toward procurement of military material and large-scale financing of weapon supplies to allied third countries (including €6.1 billion for Ukraine).

Continue Reading Insights from the Munich Security Conference: Towards an Expanding U.S.-EU Defense Taxonomy?

On 26 January 2024, the European Medicines Agency (EMA) announced that it has received a €10 million grant from the European Commission to support regulatory systems in Africa, and in particular for the setting up of the African Medicines Agency (AMA). Although still in its early stages as an agency, AMA shows significant promise to harmonize the regulatory landscape across the continent in order to improve access to quality, safe and efficacious medical products in Africa. Other key organizations who are working to establish and implement the vision set out for AMA include the African Union (AU), comprising of 55 member states in Africa, the African Union Development Agency (AUDA-NEPAD) and the World Health Organization (WHO). Of importance, AMA is expected to play an important role in facilitating intra-regional trade for pharmaceuticals in the context of the Africa Continental Free Trade Area (AfCFTA).

Background to AMA and medicines regulation in Africa

Africa currently has limited harmonization of medicines regulation between jurisdictions. The functionality and regulatory capacity of national medicines regulatory authorities varies significantly. For example, many national regulators lack the technical expertise to independently assess innovative marketing authorization applications and instead adopt “reliance” procedures, whereby authorization by a foreign stringent regulatory authority or registration as a WHO pre-qualified product may be a condition for approval. Pharmaceutical manufacturers seeking to conduct multinational clinical trials or launch their products across Africa can often face challenges when navigating the divergent requirements for each country (and can face additional delays during each approval process).

Multiple initiatives in the last decade have aimed to increase the harmonization of medicines regulation across Africa with varying degrees of success, such as:Continue Reading EMA announces €10 million of funding to support the establishment of the African Medicines Agency

From February 17, 2024, the Digital Services Act (“DSA”) will apply to providers of intermediary services (e.g., cloud services, file-sharing services, search engines, social networks and online marketplaces). These entities will be required to comply with a number of obligations, including implementing notice-and-action mechanisms, complying with detailed rules on terms and conditions, and publishing transparency reports on content moderation practices, among others. For more information on the DSA, see our previous blog posts here and here.

As part of its powers conferred under the DSA, the European Commission is empowered to adopt delegated and implementing acts* on certain aspects of implementation and enforcement of the DSA. In 2023, the Commission adopted one delegated act on supervisory fees to be paid by very large online platforms and very large online search engines (“VLOPs” and “VLOSEs” respectively), and one implementing act on procedural matters relating to the Commission’s enforcement powers. The Commission has proposed several other delegated and implementing acts, which we set out below. The consultation period for these draft acts have now passed, and we anticipate that they will be adopted in the coming months.

Pending Delegated Acts

  • Draft Delegated Act on Conducting Independent Audits. This draft delegated act defines the steps that designated VLOPs and VLOSEs will need to follow to verify the independence of the auditors, particularly setting the rules for the procedures, methodology and templates used. According to the draft delegated act, designated VLOPS and VLOSEs should be subject to their first audit at the latest 16 months after their designation. The consultation period for this draft delegated act ended on June 2, 2023.
  • Draft Delegated Act on Data Access for Research. This draft delegated act specifies the conditions under which vetted researchers may access data from VLOPs and VLOSEs. The consultation period for this draft delegated act ended on May 31, 2023.

Continue Reading Draft Delegated and Implementing Acts Pursuant to the Digital Services Act

On 24 January 2024, the European Commission (the “Commission”) published its European Economic Security Package (the “EESP”), which included the long-awaited proposal to reform the EU Regulation which established a framework for Foreign Direct Investment screening (the “EU FDI Regulation”). The EESP’s proposed regulation (the “Proposed Regulation”) is one of the EESP’s five initiatives to implement the European Security Strategy (published in June 2023) – for an overview of the EESP, see our Global Policy Watch blog.

The Proposed Regulation seeks to improve the legal framework for foreign investment screening in the European Union and builds upon feedback that the Commission received during its public consultation in 2023. If adopted as proposed, it will significantly change the landscape of foreign investment screening regimes across the EU (for a full report of the public consultation see here).

This blog highlights the key changes under the proposed reform and analyses their impact on global deal making. We also provide an outlook on the next steps for the proposals.

Key takeaways and comment

  • Extended scope to include indirect foreign investments through EU subsidiaries and greenfield investments.
  • Minimum standards and greater harmonisation across the EU.
  • Introduction of call-in powers to review all transactions for at least 15 months after completion.
  • Coordinated submission of foreign investment filings in multi-country transactions.
  • Focus cooperation between Member States and the Commission on cases more likely to be sensitive.
  • More prescriptive guidance on substantive assessments and remedies, including a formal obligation for national screening authorities to prohibit or impose conditions on transactions they conclude are likely to negatively affect security or public order in one or more Member States.
  • Increased reporting, while protecting confidential information.

Continue Reading Draft EU Screening Regulation – a new chapter for screening foreign direct investments in the EU

In December 2023, the Dutch SA fined a credit card company €150,000 for failure to perform a proper data protection impact assessment (“DPIA”) in accordance with Art. 35 GDPR for its “identification and verification process”.

First, the Dutch SA decided that the company was required to perform a DPIA because the processing met two of

On December 5, 2023, the Spanish presidency of the Council of the EU issued a declaration to strengthen collaboration with Member States and the European Commission to develop a leading quantum technology ecosystem in Europe.

The declaration acknowledges the revolutionary potential of quantum computing, which uses quantum mechanics principles and quantum bits known as “qubits”

In previous blogs, we have written about the EU-China relationship and how the EU was increasingly focused on delivering its policy of Strategic Autonomy. We are beginning to see the concrete implementation of this strategic intent, with the EU Commission approving a €902 million German State aid measure to support the construction of an electric vehicle battery production plant.  As Margrethe Vestager, EVP for Competition Policy noted, this is the first individual aid to have been approved under the Temporary Crisis and Transition Framework since March 2023 and its approval will keep the battery plant in the EU, rather than it moving to the US.

And the EU is planning to take further measures to enhance and protect its economic security in pursuit of the goal of strategic autonomy. On December 10, the Commission unveiled its Agenda outlining for items to be addressed in early 2024. Of note is the European Economic Security Package (EESP), due for discussion on 24 January.

It had been planned to adopt the EESP by the end of 2023.  However, its adoption faced delays due to Member States’ concerns about ceding authority to Brussels in an area traditionally reserved for national competence. For its part, the Commission argues that a “Europeanization” of the EU trade rules was required to ensure consistency across the bloc following decisions by various Member States to issue their own trade measures (for example, on export controls).

Although full details of the EESP have not yet been released, key components of the EESP will include a revision of the Foreign Direct Investment Screening Regulation and an initiative regulating outbound investments. The Agenda for 24 January also includes a non-binding Communication restricting export of dual-use items.Continue Reading The European Economic Security Package