The UK government has reported a successful start to the implementation of the National Security and Investment Act 2021 (the “NSIA” or “Act”). During the first three months (Jan-March 2022) in which the new NSIA regime has been active, the Investment Screening Unit (“ISU”) received 222 filings and reviewed 17 transactions in depth. Of those 17 transactions, three have been cleared unconditionally, with the other 14 transactions still under review at the end of the reporting period.

Mandatory NSIA filings, which represented 196 of the total flings, were most commonly made in six sectors: defence, military and dual-use, critical suppliers to government, artificial intelligence, data infrastructure and advanced materials.  There were significantly fewer filings in other sectors, with fewer than five filings per sector in areas such as synthetic biology, civil nuclear, advanced robotics and transport.

Collectively, these figures and other data suggest that the NSIA regime is operating, so far, broadly in line with expectations. While there are fewer filings than expected overall, this may reflect a broader global slowdown in M&A and investment activity. The ISU further reports that it is meeting, and often working well within, the maximum statutory time periods for the assessment of filings. The ISU indicates its willingness to complete reviews expeditiously where possible, including for in-depth assessments.

Continue Reading UK National Security and Investment Regime Working Well

On June 6 and June 9, 2022, the U.S. Treasury Department’s Office of Foreign Assets Control (“OFAC”) issued additional guidance on the sanctions that prohibit U.S. persons from making a “new investment” in Russia and from providing accounting, trust and corporate formation, and management consulting services to any person located in Russia.

Separately, from June 15, 2022, the UK Office of Financial Sanctions Implementation (“OFSI”) gained new powers to impose financial penalties for breaches of UK sanctions regulations (including, but not limited to, the UK sanctions regulations with respect to Russia) on a strict liability basis and to publish reports of cases where it is satisfied that a breach of financial sanctions has occurred but where no penalty is imposed.

This alert summarizes these new sanctions developments.

New U.S. Sanctions Developments

Guidance on the Prohibitions on “New Investment” by U.S. Persons in Russia

On June 6, 2022, OFAC issued guidance in the form of responses to new frequently asked questions (“FAQs”) to clarify certain aspects of the prohibitions on “new investment” in Russia by U.S. persons that were imposed under the following executive orders (“E.O.s”):

  • E.O. 14066, issued on March 8, 2022 (prohibiting new investment by U.S. persons in the energy sector of the Russian Federation, as described in our March 10 alert); 
  • E.O. 14068, issued on March 11, 2022 (prohibiting new investment by U.S. persons in any sector of the Russian Federation economy as may be determined by the Secretary of the Treasury, in consultation with the Secretary of State); and 
  • E.O. 14071, issued on April 6, 2022 (prohibiting “all new investment in the Russian Federation by U.S. persons, wherever located” as well as “any approval, financing, facilitation, or guarantee by a U.S. person, wherever located, of a transaction by a foreign person where the transaction by that foreign person would be prohibited by E.O. 14071 if performed by a U.S. person or within the United States,” as described in our April 11 alert.


Continue Reading Recent Developments in U.S. and UK Sanctions: OFAC Guidance on “New Investment” and Prohibition on the Provision of Certain Services to Any Person in Russia; UK Sanctions Enforcement Developments

The UK government has reported a successful start to the implementation of the National Security and Investment Act 2021 (the “NSIA” or “Act”). During the first three months (Jan-March 2022) in which the new NSIA regime has been active, the Investment Screening Unit (“ISU”) received 222 filings and reviewed 17 transactions in depth. Of those 17 transactions, three have been cleared unconditionally, with the other 14 transactions still under review at the end of the reporting period.

Mandatory NSIA filings, which represented 196 of the total flings, were most commonly made in six sectors: defence, military and dual-use, critical suppliers to government, artificial intelligence, data infrastructure and advanced materials.  There were significantly fewer filings in other sectors, with fewer than five filings per sector in areas such as synthetic biology, civil nuclear, advanced robotics and transport.

Collectively, these figures and other data suggest that the NSIA regime is operating, so far, broadly in line with expectations. While there are fewer filings than expected overall, this may reflect a broader global slowdown in M&A and investment activity. The ISU further reports that it is meeting, and often working well within, the maximum statutory time periods for the assessment of filings. The ISU indicates its willingness to complete reviews expeditiously where possible, including for in-depth assessments.

Continue Reading UK National Security and Investment Regime Working Well

On Monday 13 June, the UK Government tabled a Northern Ireland Protocol Bill (The NIP Bill) giving it the power to dis-apply parts of the N Ireland Protocol (NIP), an integral part of the EU-UK Trade and Cooperation Agreement (TCA).  The EU’s response was immediate: unfreezing the 2021 legal action commenced in response to the UK’s unilateral decision not to apply checks to incoming goods from GB to N Ireland.  In the months to come, the UK may face a second legal action by the EU in respect of The NIP Bill.  Without resolution, this issue could ultimately undo the TCA, igniting a trade war between the EU and the UK.

On 14 June, the first UK Government flight taking asylum seekers and refugees from the UK to Rwanda was prevented from taking off by a last minute intervention by an ECHR Judge.   This intervention triggered a backlash among right-wing politicians and commentators, who began to call for the UK to withdraw from the Convention itself – a suggestion which was not discounted by the PM when he was asked about it later.  It will take several months for the courts to decide whether the policy is legal: during that time, the Government appears to have accepted that no more flights to Rwanda can depart, leaving its flagship immigration policy equally grounded.

But the question of membership of the ECHR matters not only for the important principle of international protection of human rights, but because the ECHR is one of the pillars on which the Good Friday Agreement (GFA) rests.  The GFA brought an end to 30 years of The Troubles, and imposed an obligation on the UK to incorporate the Convention into the law of N Ireland to make it directly enforceable in N Ireland’s courts. The UK’s 1998 Human Rights Act did this.  Leaving the ECHR, therefore, to force through the Rwanda asylum policy, would breach the GFA, which the UK Government argues The NIP Bill is intended to defend. 

How did we get here?

Continue Reading Northern Ireland Protocol and the ECHR

The UK government has proposed legislation to open the way for gene‑edited food products in England.  The Genetic Technology (Precision Breeding) Bill (“Precision Breeding Bill”) sets out a new regulatory regime that may provide a faster and easier path to market for certain gene-edited plants, animals and derived products.

Overview of the Precision Breeding Bill

The Precision Breeding Bill applies to “precision bred organisms”.  These are defined in the Precision Breeding Bill as plants and animals that have been genetically modified through the use of “modern biotechnology”, where that genetic modification is of a type that could have been produced using “traditional processes” (i.e. selective breeding, grafting, embryo transfer, spontaneous mutation, etc.).  The definition of “modern biotechnology”, for the purposes of the Precision Breeding Bill, aligns with the set of techniques listed in regulation 5(1)(a) or (b) of the Genetically Modified Organisms (Deliberate Release) Regulations 2002 (S.I. 2002/2443).  Ultimately, the effect of the Precision Breeding Bill is to create a distinction in law between ‘precision bred organisms’ and all other ‘genetically modified organisms’ (“GMOs”) where the genetic modification could only have been produced using genetic modification technologies (e.g. introducing genes from one species into another, entirely unrelated, species).

The Precision Breeding Bill provides that a person wishing to use precision bred organisms for research or for marketing must first notify and register the precision bred organism.  Once notified and registered for research and development, the precision bred organisms can be released i.e. planted, bred or cultivated.  No specific authorisation is required.  Before marketing the precision bred organism, a person must apply for a ‘precision bred confirmation’, which indicates that the Secretary of State is satisfied, on the basis of information provided by the person, and scientific advice, that the organism qualifies as a precision bred organism.  The UK government will maintain a public register of all notified information. 

Continue Reading UK Draft Bill Permits ‘Precision Bred’ Gene-Edited Plants, Animals and Products

Facial recognition technology (“FRT”) has attracted a fair amount of attention over the years, including in the EU (e.g., see our posts on the European Parliament vote and CNIL guidance), the UK (e.g., ICO opinion and High Court decision) and the U.S. (e.g., Washington state and NTIA guidelines). This post summarizes two recent developments in this space: (i) the UK Information Commissioner’s Office (“ICO”)’s announcement of a £7.5-million fine and enforcement notice against Clearview AI (“Clearview”), and (ii) the EDPB’s release of draft guidelines on the use of FRT in law enforcement.

I. ICO Fines Clearview AI £7.5m

In the past year, Clearview has been subject to investigations into its data processing activities by the French and Italian authorities, and a joint investigation by the ICO and the Australian Information Commissioner. All four regulators held that Clearview’s processing of biometric data scraped from over 20 billion facial images from across the internet, including from social media sites, breached data protection laws.

On 26 May 2022, the ICO released its monetary penalty notice and enforcement notice against Clearview. The ICO concluded that Clearview’s activities infringed a number of the GDPR and UK GDPR’s provisions, including:

  • Failing to process data in a way that is fair and transparent under Article 5(1)(a) GDPR. The ICO concluded that people were not made aware or would not reasonably expect their images to be scraped, added to a worldwide database, and made available to a wide range of customers for the purpose of matching images on the company’s database.
  • Failing to process data in a way that is lawful under the GDPR. The ICO ruled that Clearview’s processing did not meet any of the conditions for lawful processing set out in Article 6, nor, for biometric data, in Article 9(2) GDPR.
  • Failing to have a data retention policy and thus being unable to ensure that personal data are not retained for longer than necessary under Article 5(1)(e) GDPR. There was no indication as to when (or whether) any images are ever removed from Clearview’s database.
  • Failing to provide data subjects with the necessary information under Article 14 GDPR. According to the ICO’s investigation, the only way in which data subjects could obtain that information was by contacting Clearview and directly requesting it.
  • Impeding the exercise of data subject rights under Articles 15, 16, 17, 21 and 22 GDPR. In order to exercise these rights, data subjects needed to provide Clearview with additional personal data, by providing a photograph of themselves that can be matched against the Clearview Database.
  • Failing to conduct a Data Protection Impact Assessment (“DPIA”) under Article 35 GDPR. The ICO found that Clearview failed at any time to conduct a DPIA in respect of its processing of the personal data of UK residents.


Continue Reading Facial Recognition Update: UK ICO Fines Clearview AI £7.5m & EDPB Adopts Draft Guidelines on Use of FRT by Law Enforcement

Like many governments around the world, UK politics currently appear somewhat unstable. And the UK’s problems are a reflection of the world, where established views and beliefs are suddenly no longer the unassailable certainties they have seemed to be for decades.

Davos met this week for the first time in two years against this very unsettled backdrop.  A few thoughts and reflections on discussions there follow…

Conversation seemed to centre around emerging trends which challenge the apparent established order of the postwar years. Liberalised economies, increasing globalisation and spreading democracy have been remarkably successful at lifting many millions of people out of poverty and providing them access to electricity, clean water, food and economic opportunity.

Yet now the acceptance of the universality of that approach appears to be under challenge and the world economy teeters on the edge of a downturn…

Continue Reading A few thoughts from Davos…

            On April 28, 2022, Covington convened experts across our practice groups for the Covington Robotics Forum, which explored recent developments and forecasts relevant to industries affected by robotics.  Sam Jungyun Choi, Associate in Covington’s Technology Regulatory Group, and Anna Oberschelp, Associate in Covington’s Data Privacy & Cybersecurity Practice Group, discussed global regulatory trends that affect robotics, highlights of which are captured here.  A recording of the forum is available here until May 31, 2022.

Trends on Regulating Artificial Intelligence

            According to the Organization for Economic Cooperation and Development  Artificial Intelligence Policy Observatory (“OECD”), since 2017, at least 60 countries have adopted some form of AI policy, a torrent of government activity that nearly matches the pace of modern AI adoption.  Countries around the world are establishing governmental and intergovernmental strategies and initiatives to guide the development of AI.  These AI initiatives include: (1) AI regulation or policy; (2) AI enablers (e.g., research and public awareness); and (3) financial support (e.g., procurement programs for AI R&D).  The anticipated introduction of AI regulations raises concerns about looming challenges for international cooperation.

Continue Reading Robotics Spotlight: Global Regulatory Trends Affecting Robotics

On May 10, 2022, Prince Charles announced in the Queen’s Speech that the UK Government’s proposed Online Safety Bill (the “OSB”) will proceed through Parliament. The OSB is currently at committee stage in the House of Commons. Since it was first announced in December 2020, the OSB has been the subject of intense debate and scrutiny on the balance it seeks to strike between online safety and protecting children on the one hand, and freedom of expression and privacy on the other.

To what services does the OSB apply?

The OSB applies to “user-to-user” (“U2U”) services—essentially, services through which users can share content online, such as social media and online messaging services—and “search” services. The OSB specifically excludes  email services, SMS, “internal business services,” and services where the communications functionality is limited (e.g., to posting comments relating to content produced by the provider of the service). The OSB also excludes “one-to-one live aural communications”—suggesting that one-to-one over-the-top (“OTT”) calls are excluded, but that one-to-many OTT calls, or video calls, may fall within scope.

Continue Reading Online Safety Bill to Proceed Through Parliament

Northern Ireland’s 30 years of ‘Troubles’ were brought to an end by the 1998 Good Friday Agreement (the GFA). The GFA was based on the principle of cross-community support from both nationalists and unionists: a delicate compromise which sought a middle path between the Unionists – who see N Ireland as an integral part of the UK – and the Nationalists – who view the future of N Ireland as lying in reunification with the Republic.

The success of the GFA was underpinned by the fact that both the UK and the Republic of Ireland were in the EU.  Whilst both countries were members of the EU, there was no need for a border between N Ireland the Republic – goods and services could flow unimpeded across the border.  Leaving the EU required a bespoke solution to N Ireland – one that respected the GFA and did not reimpose a physical border between N Ireland and the Republic: a visible manifestation of a divided island.

Squaring the circle of respecting the GFA, whilst taking the UK as a whole out of the EU, was always the most complicated part of Brexit. With the UK outside the EU, a customs border would be required somewhere: it could not be between N Ireland and the Republic, because of the need to respect the GFA and avoid antagonizing the Nationalist community. The only place that border could be therefore, was in the Irish Sea between N Ireland and the rest of GB – which risked irritating the Unionist community.

The Northern Ireland Protocol

The solution to this delicate balancing act was the Northern Ireland Protocol (the NIP), which left N Ireland in the EU Single Market, but brought it out of the Customs Union, enabling N Ireland to have the best of both worlds, with one foot in the UK and the other in the EU.  However, the NIP imposed checks on goods (especially food and medicine) from GB arriving into N Ireland, to ensure they complied with EU standards and avoid the risk of them leaking into the EU Single Market through the back door: these checks have so far been unilaterally postponed by the UK.

Elections add to the complexity…

Continue Reading The UK and the Northern Ireland Protocol (again!)