On May 22 the Federal Trade Commission (“FTC”) announced a $6 million settlement with Edmodo, an ed tech provider, for violations of the COPPA Rule and Section 5 of the FTC Act.  The FTC described this settlement as the first FTC order that will prohibit an ed tech provider from requiring students to provide more personal data than necessary to participate in online activities.  The settlement is consistent with the FTC’s policy statement on ed tech issued last May (see our summary of the policy statement here).

On May 23, 2023, the White House announced that it took the following steps to further advance responsible Artificial Intelligence (“AI”) practices in the U.S.:

  • the Office of Science and Technology Policy (“OSTP”) released an updated strategic plan that focuses on federal investments in AI research and development (“R&D”);
  • OSTP issued a new request for information (“RFI”) on critical AI issues; and
  • the Department of Education issued a new report on risks and opportunities related to AI in education.

May 23, 2023, Covington Alert

The U.S. Department of the Treasury (“Treasury”), in its capacity as chair of the Committee on Foreign Investment in the United States (“CFIUS” or the “Committee”), recently posted two new frequently asked questions (“FAQs”) to CFIUS’s website that have important implications for parties planning transactions subject to the Committee’s jurisdiction.

First, CFIUS confirmed its recent practice of requiring detailed information on all direct or indirect foreign ownership involved in a transaction, including disclosure of all limited partners (or “LPs”) of an investment fund, without regard to any pre-existing agreements between the fund sponsor and investor regarding disclosure.

Second, CFIUS offered guidance regarding the meaning of “completion date” for purposes of when a mandatory filing must be submitted for a multi-stage transaction. The guidance could have broad implications, especially for some venture financing transactions, as it introduces uncertainty regarding the ability of investors to use a staged transaction to acquire an initial, passive equity interest prior to submitting a mandatory CFIUS filing with respect to a subsequent acquisition of control or certain non-passive rights. The new guidance seems at odds with language that appears in the preamble to the regulations implementing the Foreign Investment Risk Review Modernization Act of 2018 (“FIRRMA”), and the practice of transaction parties for the last several years. CFIUS did not provide any explanation for this change, which raises questions as to why the Committee has issued the guidance now.

Each of these developments is discussed in more detail below.

1. CFIUS may require detailed information regarding all foreign persons involved directly or indirectly in a transaction, including limited partners in an investment fund.

Treasury published the following FAQ on May 11:

Does CFIUS require information on all foreign persons, such as limited partners in an investment fund, that would hold an interest in a U.S. business, whether directly or indirectly, as part of the transaction?

A glance at headlines regarding competition law could easily give the impression that U.S. antitrust agencies have embarked on a record number of merger challenges in recent years. But the numbers tell a different story: in the first two years of the current Administration, the rate of merger-related federal enforcement actions has actually decreased. While

The Second Circuit recently revived a plaintiff’s false advertising claims under New York’s General Business Law (“GBL”), concluding that whether the particular statements at issue were non-actionable puffery requires a fact-intensive inquiry not suitable for resolution on a motion to dismiss.  MacNaughton v. Young Living Essential Oils, LC, No. 22-0344, 2023 WL 3185045 (2d Cir. May 2, 2023).

On 11 May 2023, members of the European Parliament’s internal market (IMCO) and civil liberties (LIBE) committees agreed their final text on the EU’s proposed AI Act. After MEPs formalize their position through a plenary vote (expected this summer), the AI Act will enter the last stage of the legislative process: “trilogue” negotiations with the European Commission, Parliament and the Council, which adopted its own amendments in late 2022 (see our blog post here for further details). European lawmakers hope to adopt the final AI Act before the end of 2023, ahead of the European Parliament elections in 2024.

In perhaps the most significant change from the Commission and Council draft, under MEPs’ proposals, providers of foundation models – a term defined as an AI model that is “trained on broad data at scale, is designed for generality of output, and can be adapted to a wide range of distinctive tasks” (Article 3(1c)) – would be subject to a series of obligations. For example, providers would be under a duty to “demonstrate through appropriate design, testing and analysis that the identification, the reduction and mitigation of reasonably foreseeable risks to health, safety, fundamental rights, the environment and democracy and the rule of law prior and throughout development” (Article 28b(2)(a)), as well as to draw up “extensive technical documentation and intelligible instructions for use” to help those that build AI systems using the foundation model (Article 28b(2)(e)).

On May 17, the Federal Trade Commission (“FTC”) announced an enforcement action against Easy Healthcare Corporation (“Easy Healthcare”) alleging that it shared users’ sensitive personal information and health information with third parties contrary to its representations and without users’ affirmative express consent, in violation of Section 5 of the FTC Act.  It also alleges that Easy Healthcare failed to notify consumers of these unauthorized disclosures, in violation of the Health Breach Notification Rule (“HBNR”).  According to the proposed order, Easy Healthcare will pay a $100,000 civil penalty for violating the HBNR and, among other requirements, will be permanently prohibited from sharing users’ personal health data with third parties for advertising purposes.  The FTC also noted that Easy Healthcare will pay a total of $100,000 to Connecticut, the District of Columbia, and Oregon for violating their laws.

This week’s report by the World Meteorological Organisation makes for alarming reading.  The report warns there is a 66% likelihood of exceeding the 1.5°C threshold in at least one year between 2023 and 2027 and notes that such a rapid change in global temperatures will take the world into ‘uncharted territory’, with an anticipated El Nino weather system likely to push already high temperatures even higher this year.  Since we have already seen the impact of a 1.1°C rise, the conclusions of the WMO report are deeply uncomfortable.

This blog looks at some of the data which give context to the Report’s conclusions.

Gas

Russia is the world’s largest natural gas exporter; the second-largest exporter of crude oil; and the third-largest producer of crude oil.  The Russian invasion of Ukraine spooked global gas markets and pushed prices to record highs – the TTF European gas price peaked at a record €343/MWh in August (equivalent in oil terms to more than $500 a barrel).  But as world gas markets have adjusted, the price has fallen – €75 per megawatt hour at the end of December and under €50/MWh by the end of April 2023.

Like global markets, the EU has demonstrated remarkable agility in its response to Russia’s invasion. In 2020, Russia supplied nearly 43% of all EU energy imports. The EU set itself the target of reducing Russian gas imports to 55 bcm/year by March 2023 (down from 158 bcm in 2021).   At the time, this seemed ambitious, but in the event, the EU easily exceeded that target and, by October 2022, the EU’s Russian gas imports had fallen to 38 bcm (12 % of the EU’s energy consumption).

Last spring, the EU required that Member States’ winter storage be 90% full by the end of autumn.  Again, at the time, that seemed a tough ask in the face of global constraints on alternative supplies. But in any event, the EU easily exceed the target, reaching 96% by the beginning of November 2022.

A combination of factors means the outlook for the EU is more positive than expected:

  • A mild winter meant the EU emerged with record high gas inventories (EU storage was 56% full);
  • The success of demand-side efficiencies (the Commission set a cross-EU efficiency target of 15% reduction in demand: the EU reduced demand by an average 19%);
  • Global gas markets have been nimble in responding to EU demand for non-Russian gas.  New and alternative supplies flowed in from Norway, Qatar, the US and (importantly) Algeria through existing, but under-used pipelines and new LNG capacity;
  • The EU has built new LNG infrastructure at record speed – with Germany opening its first LNG jetty in November 2022.

The Supreme Court recently issued its opinion in Gonzalez v. Google LLC, a case about whether Section 230 of the Communications Decency Act (47 U.S.C. § 230) protected YouTube’s recommendation algorithms from a claim of secondary liability under the Anti-Terrorism Act (ATA). In a short, three-page per curiam opinion, the Court avoided addressing the

This is the twenty-fourth in a series of Covington blogs on implementation of Executive Order 14028, “Improving the Nation’s Cybersecurity,” issued by President Biden on May 12, 2021 (the “Cyber EO”).  The first blog summarized the Cyber EO’s key provisions and timelines, and the subsequent blogs described the actions taken by various government agencies to implement the Cyber EO from June 2021 through March 2023.  This blog describes key actions taken to implement the Cyber EO, as well as the U.S. National Cybersecurity Strategy, during April 2023.