EU Law and Regulatory

European Biotech Act: Potential new extension for supplementary protection certificates (SPCs) for ATMPs and biotechnology medicines

By Grant Castle, Inga-Marlene Pietsch & Roderick Dirkzwager on December 18, 2025

Posted in EU Law and Regulatory, Intellectual Property Protection, Life Sciences & Digital Health, Patent, Pharma

This is one in a series of Inside EU Life Sciences blogs on the European Commission’s (“Commission’s”) latest proposal for a European Biotech Act.

On 16 December 2025, the Commission announced a proposal to introduce a new draft Regulation (“Proposed Regulation”) aimed at boosting the EU’s competitiveness in the biotech…

RESourceEU Action Plan – Strengthening the EU’s Access to Critical Raw Materials

By Carole Maczkovics, Sam Jungyun Choi & Matthieu Coget on December 16, 2025

Posted in EU Law and Regulatory, International Strategy, International Trade, Minerals, Policy and Legislation

On 3 December 2025, the European Commission adopted the RESourceEU Action Plan, signaling that Europe’s industrial competitiveness will increasingly depend on its ability to secure and diversify critical raw material (“CRM”) supply chains. For companies, inside and outside the EU, RESourceEU is more than a technical update: it marks a policy shift toward a more interventionist and security-driven approach to CRM governance.

The analysis below outlines the drivers behind the initiative, its main components, and the implications for multinationals trading into the EU.

EU Announces Political Agreement on Pharma Law Review

By Grant Castle, Peter Bogaert, Robin Blaney, Marie Doyle-Rossi, Anna Wawrzyniak & Spiros Drosos on December 15, 2025

Posted in EU Law and Regulatory, Life Sciences & Digital Health

At just after 5 am on 11 December 2025, the EU Parliament and the Council reached agreement on a new directive and a new regulation that will result in a major update to the EU’s pharmaceutical laws. Progress towards these new rules began in 2016 and are the result of…

European Commission Announces 2030 Consumer Policy Strategy

By Anna Sophia Oberschelp de Meneses, Jane Pinho, Cándido García Molyneux & Dan Cooper on December 5, 2025

Posted in Consumer, EU Law and Regulatory, Privacy

On November 19, 2025, the European Commission unveiled its 2030 Consumer Agenda, setting out priorities for EU consumer policy over the next five years. Below is an overview of the six key measures most relevant to industry.

Strengthening EU Economic Security – More of the Same or a New Approach?

By Ross Evans, Bart Szewczyk, Romain Girard & Matthieu Coget on December 4, 2025

Posted in EU Law and Regulatory, Foreign Direct Investment Regulation, International Strategy, International Trade, Trade Controls

On 3 December 2025, the European Commission unveiled the next phase of its economic security agenda. Building on the 2023 Economic Security Strategy and the 2024 European Economic Security Package (see our prior blog), the new communication sets out a more assertive and coordinated approach to managing risks linked to trade, investment, technology and critical infrastructure.

The EU intends to remain open to trade and investment, but that openness will increasingly be conditioned on economic security objectives. For businesses and investors, this translates into more scrutiny, more due diligence, and a more integrated interplay between the EU and Member States.

The European Commission calls for evidence ahead of its 2026 evaluation and review of the Audiovisual Media Services Directive

By Jane Pinho & Rose Höring on December 3, 2025

Posted in Entertainment, EU Law and Regulatory, Technology

The Commission has issued a call for evidence in relation to its 2026 evaluation and review of the Audiovisual Media Services Directive (“AVMSD”).

The AVMSD came into force in 2010 and establishes the EU’s regulatory framework for audiovisual media services. It governs the EU level coordination of national legislation on all audiovisual media, including traditional TV broadcasts and on-demand services.

The first review of the AVMSD was carried out in 2018 and resulted in the introduction of new provisions governing video sharing platforms.

Under Article 33 of AVMSD, the Commission is required to assess the impact and added value of the AVMSD and present an ex-post evaluation report, accompanied where appropriate by proposals for reviewing the Directive, by 19 December 2026. This second review of the AVMSD is also part of the Commission’s commitments in the recently announced European Democracy Shield, which aims to foster the EU media sector to achieve stronger and more resilient democracies.

European Commission Proposes Revisions to GDPR and Other Digital Rules Under Digital Omnibus Package

By Covington Privacy Team on November 23, 2025

Posted in Artificial Intelligence (AI), EU Law and Regulatory, Privacy

On 19 November 2025, the European Commission (“Commission”) officially presented its Digital Omnibus Package (see here and here). The initiative represents a comprehensive update to the EU’s digital regulatory landscape, which the Commission frames as a competitiveness and simplification initiative aimed at reducing administrative burdens and enhancing legal certainty for businesses. Although the final text is likely to evolve during negotiations with the European Parliament and the Council of the EU (“Council”), the package, if adopted in its present form, would introduce significant changes to data protection obligations, cookie rules, cybersecurity regulations and the EU AI Act.

The Digital Omnibus Package consists of two proposed regulations: a “Digital Omnibus” that would amend, amongst other legislation, the General Data Protection Regulation (GDPR), ePrivacy Directive, NIS2 Directive and Data Act, and a “Digital Omnibus on AI” that would amend the EU AI Act. We outline below key proposals from the Digital Omnibus that have particular significance for organizations operating in the EU.

A summary of amendments affecting the Data Act and the key proposals in the Digital Omnibus on AI will be addressed in subsequent blog posts.

EDPB to Focus on Transparency in 2026 Enforcement

By Dan Cooper, Anna Sophia Oberschelp de Meneses & Alix Bertrand on November 3, 2025

Posted in Data Protection, EU Law and Regulatory

On October 14, 2025, the European Data Protection Board (“EDPB”) announced that its 2026 coordinated enforcement action (“CEA”) will focus on transparency and information obligations — the rules that require organizations to clearly explain how they collect, use, and share personal data — under Articles 12-14 of the General Data Protection Regulation (“GDPR”).

New German Guidelines on GDPR Requirements for International Transfers of Health Data in Medical Research

By Kristof Van Quathem, Dr. Dr. Adem Koyuncu, Lars Lensdorf & Anna Sophia Oberschelp de Meneses on October 24, 2025

Posted in Cybersecurity, Data Protection, EU Law and Regulatory, Health Privacy, Life Sciences & Digital Health

On September 17, 2025, the German Supervisory Authorities (Konferenz der unabhängigen Datenschutzaufsichtsbehörden des Bundes und der Länder, DSK) published new guidelines and recommendations addressing the complex requirements for transferring personal data, particularly health data (including health data contained in biomaterials), to countries outside of the European Economic Area for scientific research purposes under the GDPR. These guidelines may be of particular relevance for pharmaceutical, medical device, and other life sciences companies that conduct clinical research.