On November 25, 2024, Bulgaria’s Sofia District Court made a request for a preliminary ruling to the CJEU relating to the provisions on automated decision-making (“ADM”) under the AI Act.  Case C-806/24 relates to a claim made by a telecoms company against a consumer who did not pay his bills.  The consumer argues that the telecom company’s method of automatically calculating fees constitutes an ADM system subject to Article 86(1) of the AI Act, and raised questions about the transparency, human review, and fairness aspects of the ADM system.  The Bulgarian court requests to the CJEU clarification on 17 questions of law, citing the AI Act, the Unfair Terms Directive, and the Consumer Rights Directive. Continue Reading CJEU Receives Questions on the AI Act Relating to Automated Decision Making

State lawmakers are considering a diverse array of AI legislation, with hundreds of bills introduced in 2025.  As described further in this blog post, many of these AI legislative proposals fall into several key categories: (1) comprehensive consumer protection legislation similar to the Colorado AI Act, (2) sector-specific legislation on automated decision-making, (3) chatbot regulation, (4) generative AI transparency requirements, (5) AI data center and energy usage requirements, and (6) frontier model public safety legislation.  Although these categories represent just a subset of current AI legislative activity, they illustrate the major priorities of state legislatures and highlight new AI laws that may be on the horizon.Continue Reading State Legislatures Consider New Wave of 2025 AI Legislation

Yesterday, the Trump Administration issued an Executive Order titled “Ensuring Accountability for All Agencies” (the EO).  The EO asserts Presidential authority over independent agencies, including the Federal Trade Commission (FTC), Federal Communications Commission (FCC), and Securities and Exchange Commission (SEC).  While the precise impacts remain to be seen, overall the EO will likely result in greater involvement by the White House in policymaking at independent agencies, both in substance and process.

OIRA Review of Agency Regulations.  The EO amends the Clinton Administration-era Executive Order 12866, which established a review process for regulations promulgated by executive branch departments and agencies but excluded independent agencies from that process.  The process includes requirements that departments and agencies submit “significant regulatory actions” to the Office of Information and Regulatory Affairs (OIRA) for review before publication in the Federal Register.  Executive Order 12866 defines “significant regulatory action” to mean “any regulatory action that is likely to result in a rule that may:”Continue Reading Trump Administration Asserts Presidential Authority Over Independent Agencies

On February 7, 2025, the OECD launched a voluntary framework for companies to report on their efforts to promote safe, secure and trustworthy AI.  This global reporting framework is intended to monitor and support the application of the International Code of Conduct for Organisations Developing Advanced AI Systems delivered by the 2023 G7 Hiroshima AI Process (“HAIP Code of Conduct”).*  Organizations can choose to comply with the HAIP Code of Conduct and participate in the HAIP reporting framework on a voluntary basis.  This reporting framework will allow participating organizations that comply with the HAIP Code of Conduct to showcase the efforts they have made towards ensuring responsible AI practices – in a way that is standardized and comparable with other companies.Continue Reading OECD Launches Voluntary Reporting Framework on AI Risk Management Practices

Last month, DeepSeek, an AI start-up based in China, grabbed headlines with claims that its latest large language AI model, DeepSeek-R1, could perform on par with more expensive and market-leading AI models despite allegedly requiring less than $6 million dollars’ worth of computing power from older and less-powerful chips.  Although some industry observers have raised doubts about the validity of DeepSeek’s claims, its AI model and AI-powered application piqued the curiosity of many, leading the DeepSeek application to become the most downloaded in the United States in late January.  DeepSeek was founded in July 2023 and is owned by High-Flyer, a hedge fund based in Hangzhou, Zhejiang.

The explosive popularity of DeepSeek coupled with its Chinese ownership has unsurprisingly raised data security concerns from U.S. Federal and State officials.  These concerns echo many of the same considerations that led to a FAR rule that prohibits telecommunications equipment and services from Huawei and certain other Chinese manufacturers.  What is remarkable here is the pace at which officials at different levels of government—including the White House, Congress, federal agencies, and state governments, have taken action in response to DeepSeek and its perceived risks to national security.  Continue Reading U.S. Federal and State Governments Moving Quickly to Restrict Use of DeepSeek

This is the first in a new series of Covington blogs on the AI policies, executive orders, and other actions of the new Trump Administration.  This blog describes key actions on AI taken by the Trump Administration in January 2025.

Outgoing President Biden Issues Executive Order and Data Center Guidance for AI Infrastructure

Before turning to the Trump Administration, we note one key AI development from the final weeks of the Biden Administration.  On January 14, in one of his final acts in office, President Biden issued Executive Order 14141 on “Advancing United States Leadership in AI Infrastructure.”  This EO, which remains in force, sets out requirements and deadlines for the construction and operation of “frontier AI infrastructure,” including data centers and clean energy facilities, by private-sector entities on federal land.  Specifically, EO 14141 directs the Departments of Defense (“DOD”) and Energy (“DOE”) to lease federal lands for the construction and operation of AI data centers and clean energy facilities by the end of 2027, establishes solicitation and lease application processes for private sector applicants, directs federal agencies to take various steps to streamline and consolidate environmental permitting for AI infrastructure, and directs the DOE to take steps to update the U.S. electricity grid to meet the growing energy demands of AI. Continue Reading January 2025 AI Developments – Transitioning to the Trump Administration

The Commission and the European Board for Digital Services have announced the integration of the revised voluntary Code of conduct on countering illegal hate speech online + (“Code of Conduct+”) into the framework of the Digital Services Act (“DSA”). Article 45 of the DSA states that, where significant systemic risks emerge under Article 34(1) (concerning the obligation on very large online platforms (“VLOPs”) and very large online search engines (“VLOSEs”) to identify, analyse, and assess systemic risks), and concern several VLOPs or VLOSEs, the Commission may invite VLOPs and VLOSEs to participate in the drawing up of codes of conduct, including commitments to take risk mitigation measures and to report on those measures and their outcomes. The Code of Conduct+ was adopted in this context. VLOPs and VLOSEs’ adherence to the Code of Conduct+ may be considered as a risk mitigation measure under Article 35 DSA, but participation in and implementation of the Code of Conduct+ “should not in itself presume compliance with [the DSA]” (Recital 104).

The Code of Conduct+—which builds on the Commission’s original Code of Conduct on countering illegal hate speech online, published in 2016—seeks to strengthen how Signatories address content defined by EU and national laws as illegal hate speech. Adhering to the Code of Conduct+’s commitments will be part of the annual independent audit of VLOPs and VLOSEs required by the DSA (Art. 37(1)(b)), but smaller companies are free to sign up to the Code as well.Continue Reading Introduction of the Revised Code of Conduct+ and the Digital Services Act

The UK Information Commissioner’s Office (“ICO”) recently announced a new online tracking strategy, which aims to ensure a “fair and transparent online world where people are given meaningful control over how they are tracked online.”

Online advertising is one of the ICO’s current areas of strategic focus (others areas of focus include AI and children’s privacy). The ICO has identified four key areas of concern—all of which the ICO states mean that individuals do not have sufficient control over their personal data:

  • “deceptive or absent choice” regarding non-essential cookies and tracking technologies;
  • “uninformed choice,” which refers to organizations not providing appropriate information to individuals;
  • “undermined choice,” where individuals’ choices are not respected and they are surprised about how their data is used; and
  •  “irrevocable choice,” meaning that individuals cannot effectively change their minds after they have made a choice over how their personal data is processed.

Having identified these areas of concern, the ICO states that it will take the following actions in 2025:Continue Reading ICO announces its online tracking strategy for 2025

Yesterday, the Federal Communications Commission (FCC) released the agenda for its February Open Meeting, which is scheduled for February 27, 2025.  This is the first agenda released by the FCC under new Chairman Brendan Carr.  The agenda items on which the commissioners will vote at the meeting will include the following:

  • A Notice of Proposed Rulemaking seeking input on proposed updates to 10-year-old service specific AWS-3 bidding rules to fulfill the agency’s “statutory obligation to initiate an auction of licenses for the AWS-3 spectrum in the Commission’s inventory by June 23, 2026.”  Proceeds from the auction will support the program that reimburses advanced communications service providers for the cost of removing and replacing Huawei Technologies or ZTE Corporation equipment and services in their networks.
  • A Notice of Inquiry seeking comment on the potential for freeing up additional mid-band spectrum in the Upper C-band for new services, including whether authorization and transition mechanisms similar to those used in the successful 3.7 GHz Service transition could be applied.  The NOI will solicit comments on the parameters for new opportunities in the Upper C-band, the potential need for amending the U.S. Table, and the current and future needs of existing operators while considering the impact on aviation radio altimeters.  It also will invite detailed proposals on transition mechanics and structure, and requests technical and economic data on the costs and benefits of authorizing new services in the Upper C-band.

Continue Reading FCC to Tackle Robust Agenda at February Open Meeting

On February 6, the White House Office of Science & Technology Policy (“OSTP”) and National Science Foundation (“NSF”) issued a Request for Information (“RFI”) seeking public input on the “Development of an Artificial Intelligence Action Plan.”  The RFI marks a first step toward the implementation of the Trump Administration’s January 23 Executive Order 14179, “Removing Barriers to American Leadership in Artificial Intelligence” (the “EO”).  Specifically, the EO directs Assistant to the President for Science & Technology (and OSTP Director nominee) Michael Kratsios, White House AI & Crypto Czar David Sacks, and National Security Advisor Michael Waltz to “develop and submit to the President an action plan” to achieve the EO’s policy of “sustain[ing] and enhance[ing] America’s global AI dominance” to “promote human flourishing, economic competitiveness, and national security.” Continue Reading Trump Administration Seeks Public Comment on AI Action Plan