United States

On January 29 – 31, 2025, Covington convened authorities from across our practice groups for the Sixth Annual Technology Forum, which explored recent global developments affecting businesses that develop, deploy, and use cutting-edge technologies. Seventeen Covington attorneys discussed global regulatory trends and forecasts relevant to these industries, highlights of which are captured below.  Please click here to access any of the segments from the 2025 Tech Forum.

Day 1: What’s Happening Now in the U.S. & Europe

Early Days of the New U.S. Administration

Covington attorney Holly Fechner and Covington public policy authority Bill Wichterman addressed how the incoming administration has signaled a shift in technology policy, with heightened scrutiny on Big Tech, AI, cryptocurrency, and privacy regulations. A new Executive Order on AI aims to remove barriers to American leadership in AI, while trade controls and outbound investment restrictions seek to strengthen national security in technology-related transactions. Meanwhile, the administration’s approach to decoupling from China is evolving, with stricter protectionist measures replacing prior subsidy-based initiatives.

Cross-Border Investment

Covington attorney Jonathan Wakely discussed the role of ongoing geopolitical tensions in shaping cross-border investment policies, particularly in technology-related transactions. He noted that the Committee on Foreign Investment in the United States (CFIUS) remains aggressive in reviewing deals that could pose China-related risks. The new Outbound Investment Rule introduces restrictions on U.S. persons investing in Chinese companies engaged in certain AI, quantum computing, and semiconductor activities.

Updates on European Tech Regulation

Covington attorneys Sam Choi and Bart Szewczyk explained how, in light of the Draghi Report on European competitiveness and growing geopolitical pressures, the European Commission is planning to focus on “European competitiveness” in this term. The European Commission has announced plans to increase investments into its tech sectors, and find ways to ease the regulatory burden on companies. It is expected that the EU will focus on implementing, and potentially streamlining, its existing tech regulatory regime – rather than adopting new tech regulations that will impose added obligations on companies. The EU already has in place a robust regulatory regime covering privacy, cybersecurity, competition, data sharing, online platforms, and AI. In 2025, the recently adopted AI Act and the Data Act will start to apply, so companies should prepare for their implementation.  Continue Reading Covington Technology Forum Spotlight – The Great Race: Keeping Up as Technology and Regulation Rapidly Evolve

Authors: Jennifer Johnson, Jayne Ponder, August Gweon, Analese Bridges

State lawmakers are considering a diverse array of AI legislation, with hundreds of bills introduced in 2025.  As described further in this blog post, many of these AI legislative proposals fall into several key categories: (1) comprehensive consumer protection legislation similar to the Colorado AI Act, (2) sector-specific legislation on automated decision-making, (3) chatbot regulation, (4) generative AI transparency requirements, (5) AI data center and energy usage requirements, and (6) frontier model public safety legislation.  Although these categories represent just a subset of current AI legislative activity, they illustrate the major priorities of state legislatures and highlight new AI laws that may be on the horizon.

  • Consumer Protection.  Lawmakers in over a dozen states have introduced legislation aimed at reducing algorithmic discrimination in high-risk AI or automated decision-making systems used to make “consequential decisions,” embracing the risk- and role-based approach of the Colorado AI Act.  In general, these frameworks would establish developer and deployer duties of care to protect consumers from algorithmic discrimination and would require risks or instances of algorithmic discrimination to be reported to state attorneys general.  They would also require notices to consumers and disclosures to other parties and establish consumer rights related to the AI system.  For example, Virginia’s High-Risk AI Developer & Deployer Act (HB 2094), which follows this approach, passed out of Virginia’s legislature this month.
  • Sector-Specific Automated Decision-makingLawmakers in more than a dozen states have introduced legislation that would regulate the use of AI or automated decision-making tools (“ADMT”) in specific sectors, including healthcare, insurance, employment, and finance.  For example, Massachusetts HD 3750 would amend the state’s health insurance consumer protection law to require healthcare insurance carriers to disclose the use of AI or ADMT for reviewing insurance claims and report AI and training data information to the Massachusetts Division of Insurance.  Other bills would regulate the use of ADMT in the financial sector, such as New York A773, which would require banks that use ADMT for lending decisions to conduct annual disparate impact analyses and disclose such analyses to the New York Attorney General.  Relatedly, state legislatures are considering a wide range of approaches to regulating employers’ uses of AI and ADMT.  For example, Georgia SB 164 and Illinois SB 2255 would both prohibit employers from using ADMT to set wages unless certain requirements are satisfied.

Continue Reading Blog Post: State Legislatures Consider New Wave of 2025 AI Legislation

Close Up of Test Tubes_CovLibrary-MD-1000px

The UK’s Medicines and Healthcare products Regulatory Agency (“MHRA”) is seeking industry feedback on its new draft guideline on individual messenger ribonucleic acid (“mRNA”) cancer immunotherapies (the “Draft Guidance”).  Building on the success of mRNA vaccine technology in response to the Covid-19 pandemic, the technology is now being adapted to target diseases such as cancer.  The MHRA aims to provide a streamlined robust regulatory framework for the approval of such personalised mRNA-based cancer vaccines without compromising safety.

The Draft Guidance covers the regulatory classification of these novel cancer treatments, product design and manufacture, non-clinical and clinical development, pharmacovigilance and the distribution of information to the wider public.  Notably, the MHRA explicitly acknowledges that the regulatory and scientific principles discussed in the Draft Guidance could broadly apply to other disease indications or technologies that could benefit from personalisation or individualisation.  Therefore, industry should be aware that the scope of the Draft Guidance may be extended in the future beyond mRNA cancer immunotherapies that use lipid nanoparticle delivery systems to other delivery systems and disease areas.  Manufacturers, developers, patient organisations and other stakeholders have until 31 March 2025 to comment on the Draft Guidance.

We explore some of the interesting regulatory considerations arising from the Draft Guidance below.

Regulatory Classification

The classification of a medicinal product is key to determining what requirements and guidelines apply to the development, manufacture and delivery of that product.  For example, advanced therapy medicinal products (“ATMPs”) have specific Good Manufacturing Practice (“GMP”) requirements (see e.g., ‘Guidelines on Good Manufacturing Practice specific to Advanced Therapy Medicinal Products’), strict traceability requirements and additional pharmacovigilance requirements.

Currently, individual mRNA cancer immunotherapies are classified under the Human Medicines Regulations 2012 (as amended) (“HMRs”) as ATMPs and are sub-classified as gene therapies.  However, current mRNA therapies do not fit neatly under the ‘gene therapy’ umbrella because, unlike conventional gene therapies, which are designed to edit a person’s genome to treat or cure a disease, mRNA therapies do not involve integration into the host genome.

The Draft Guidance reveals that “a new ATMP sub-classification for nucleic acids that do not edit the patient’s genome is being considered.”  A practical advantage of a new sub-classification would be the opportunity to create bespoke and risk proportionate requirements and guidelines for mRNA therapies.  This would avoid overburdensome risk mitigations for these products as compared to similar products such as COVID-19 vaccines.

The Draft Guidance also predicts that mRNA therapies could be chemically synthesised (i.e., not manufactured by biotechnology).  Such therapies would fall outside the scope of the current definition of a gene therapy as they would not be a biological product.  The MHRA is considering the classification of relevant chemically synthesised mRNA therapies as ATMPs.Continue Reading MHRA Consultation on Individualised mRNA Cancer Immunotherapies – Unique opportunity for a streamlined risk based regulatory framework?

On February 6, the White House Office of Science & Technology Policy (“OSTP”) and National Science Foundation (“NSF”) issued a Request for Information (“RFI”) seeking public input on the “Development of an Artificial Intelligence Action Plan.”  The RFI marks a first step toward the implementation of the Trump Administration’s January

Continue Reading Trump Administration Seeks Public Comment on AI Action Plan

On January 29, Senator Josh Hawley (R-MO) introduced the Decoupling America’s Artificial Intelligence Capabilities from China Act (S. 321), one of the first bills of 119th Congress to address escalating U.S. competition with China on artificial intelligence.  The new legislation comes just days after Chinese AI company DeepSeek

Continue Reading Senator Hawley Introduces Sweeping U.S.-China AI Decoupling Bill

On February 1, President Trump issued three executive orders (“EOs”) imposing broad tariffs on U.S. imports from CanadaMexico, and China, initially to be effective on February 4. Invoking Presidential authority under the International Emergency Economic Powers Act (“IEEPA”), the EOs expand the national emergency declared by

Continue Reading Trump Administration Imposes Tariffs on Imports from Canada, Mexico, and China

On January 10, 2025, the U.S. Department of the Treasury and U.S. Department of State intensified sanctions against Russia with new measures targeting Russia’s energy sector. According to the Treasury Department’s press release, these measures are intended “to fulfill the G7 commitment to reduce Russian revenues from energy” and “substantially increase the sanctions risks associated with the Russian oil trade.”

The new U.S. sanctions include a determination by the U.S. Department of the Treasury authorizing the imposition of property-blocking sanctions against any person who is determined by the Treasury Secretary or Secretary of State (in consultation with one another) to operate or have operated in the Russian energy sector, and a determination issued by the U.S. Department of the Treasury’s Office of Foreign Assets Control (“OFAC”) prohibiting—effective February 27, 2025—the provision of “petroleum services” from the United States or by a U.S. person to any person located in Russia. In addition, OFAC and the U.S. Department of State collectively designated for property-blocking sanctions more than 400 individuals, entities, and vessels from various countries involved in Russia’s energy sector, including two of Russia’s most significant oil producers and exporters—Public Joint Stock Company Gazprom Neft (“Gazprom Neft”) and Surgutneftegas, along with more than two dozen of their subsidiaries. The designations included more than 180 vessels, many of which are part of Russia’s “shadow fleet” of vessels involved in the trade of Russian oil, as well as several Russian energy executives, oil traders, oilfield service providers, and financial and insurance entities associated with Russia’s energy sector. The designations also covered two active Russian liquefied natural gas (“LNG”) projects and a Russian oil project.

On January 15, 2025, the U.S. Department of the Treasury and U.S. Department of State designated or re-designated under additional sanctions authority nearly 250 individuals and entities for property-blocking sanctions, including actors based in China.

OFAC also issued multiple general licenses related to the above designations, including a general license authorizing until February 27, 2025, transactions ordinarily incident and necessary to the wind down of transactions involving Gazprom Neft and Surgutneftegas, their designated subsidiaries, and entities that they own 50 percent or more, directly or indirectly, individually or in the aggregate, subject to certain conditions. In addition, OFAC revoked a general license that had authorized transactions with certain vessels subject to U.S. property-blocking sanctions due to their ownership, and amended two existing general licenses. One of these amended general licenses, General License 8L (which supersedes General License 8K), significantly narrows the scope of permissible energy transactions involving certain blocked financial institutions to include only wind-down transactions until March 12, 2025.Continue Reading New U.S. and UK Sanctions, Including Related to Russia’s Energy Sector

Technology companies will be in for a bumpy ride in the second Trump Administration.  President-elect Trump has promised to adopt policies that will accelerate the United States’ technological decoupling from China.  However, he will likely take a more hands-off approach to regulating artificial intelligence and reverse several Biden Administration policies related to AI and other emerging technologies.Continue Reading Tech Policy in a Second Trump Administration: AI Promotion and Further Decoupling from China

Abstract Connection Concept_jpg

This update focuses on how growing quantum sector investment in the UK and US is leading to the development and commercialization of quantum computing technologies with the potential to revolutionize and disrupt key sectors.  This is a fast-growing area that is seeing significant levels of public and private investment activity.  We take a look at how approaches differ in the UK and US, and discuss how a concerted, international effort is needed both to realize the full potential of quantum technologies and to mitigate new risks that may arise as the technology matures.

Quantum Computing

Quantum computing uses quantum mechanics principles to solve certain complex mathematical problems faster than classical computers.  Whilst classical computers use binary “bits” to perform calculations, quantum computers use quantum bits (“qubits”).  The value of a bit can only be zero or one, whereas a qubit can exist as zero, one, or a combination of both states (a phenomenon known as superposition) allowing quantum computers to solve certain problems exponentially faster than classical computers. 

The applications of quantum technologies are wide-ranging and quantum computing has the potential to revolutionize many sectors, including life-sciences, climate and weather modelling, financial portfolio management and artificial intelligence (“AI”).  However, advances in quantum computing may also lead to some risks, the most significant being to data protection.  Hackers could exploit the ability of quantum computing to solve complex mathematical problems at high speeds to break currently used cryptography methods and access personal and sensitive data. 

This is a rapidly developing area that governments are only just turning their attention to.  Governments are focusing not just on “quantum-readiness” and countering the emerging threats that quantum computing will present in the hands of bad actors (the US, for instance, is planning the migration of sensitive data to post-quantum encryption), but also on ramping up investment and growth in quantum technologies. Continue Reading Quantum Computing: Developments in the UK and US

This update focuses on how growing quantum sector investment in the UK and US is leading to the development and commercialization of quantum computing technologies with the potential to revolutionize and disrupt key sectors.  This is a fast-growing area that is seeing significant levels of public and private investment activity.  We take a look at how approaches differ in the UK and US, and discuss how a concerted, international effort is needed both to realize the full potential of quantum technologies and to mitigate new risks that may arise as the technology matures.

Quantum Computing

Quantum computing uses quantum mechanics principles to solve certain complex mathematical problems faster than classical computers.  Whilst classical computers use binary “bits” to perform calculations, quantum computers use quantum bits (“qubits”).  The value of a bit can only be zero or one, whereas a qubit can exist as zero, one, or a combination of both states (a phenomenon known as superposition) allowing quantum computers to solve certain problems exponentially faster than classical computers. 

The applications of quantum technologies are wide-ranging and quantum computing has the potential to revolutionize many sectors, including life-sciences, climate and weather modelling, financial portfolio management and artificial intelligence (“AI”).  However, advances in quantum computing may also lead to some risks, the most significant being to data protection.  Hackers could exploit the ability of quantum computing to solve complex mathematical problems at high speeds to break currently used cryptography methods and access personal and sensitive data. 

This is a rapidly developing area that governments are only just turning their attention to.  Governments are focusing not just on “quantum-readiness” and countering the emerging threats that quantum computing will present in the hands of bad actors (the US, for instance, is planning the migration of sensitive data to post-quantum encryption), but also on ramping up investment and growth in quantum technologies. Continue Reading Quantum Computing: Developments in the UK and US