Introducing the EU AI Act
Understanding the need for regulation to ensure the safe use of AI, the European Union (EU) has introduced the world’s most comprehensive legal guideline, EU AI Act, designed to impose strict requirements on AI systems operating within its jurisdiction. Its objectives are clear; however, its implementation and enforcement present challenges and the debate around its impact on innovation continues to get louder.
The EU AI Act, which officially entered into force in August 2024, aims to regulate the development and use of AI systems, particularly those deemed “high-risk.” The primary focus is ensuring AI is safe and ethical and operates transparently within strict guidelines. Enforcement of the Act formally kicked off on February 2, 2025, when the deadline for prohibitions, e.g., certain AI systems, ensuring tech literacy for staff, etc., lapsed.
Noncompliance comes at a price. With the goal of ensuring compliance, companies found in violation may be fined $7.5 million euros ($7.8 million) to $35 million euros ($35.8 million) or 1% to 7% of their global annual revenue. A significant financial deterrent.
The risk classification system is a critical aspect of the AI Act. AI systems are categorized as “prohibited AI practices,” such as biometric technologies that classify individuals based on race or sexual orientation, manipulative AI, and certain predictive policing applications, which are prohibited. Meanwhile, “high-risk” AI systems are permitted but are subject to rigorous compliance measures, including comprehensive risk assessments, data governance requirements, and transparency obligations. AI systems with limited transparency risk are subject to transparency obligations under Article 50 of the AI Act, which requires companies to inform users when they are interacting with an AI system. Finally, AI systems posing minimal to no risk are not regulated.
The EU AI Act is not without some voices in opposition. Other countries and big tech companies are pushing back on its implementation. Tech companies, for example, argue that stringent regulations will dampen innovation, which in turn will make it more difficult for European startups to compete globally. Critics also argue that by imposing heavy compliance burdens, the Act could push AI development out of Europe and into less regulated regions, hindering the continent’s technological competitiveness.
Feeling some overall pressure, the EU has rolled back some of its initial regulatory ambitions, such as repealing the proposed EU AI Liability Directive, which would have made it easier for consumers to sue AI providers. The EU must walk a fine line when it comes to protecting citizens’ rights while cultivating an environment that encourages technological advancement.
A Step in the Right Direction
It is yet to be seen if the EU AI Act will serve as a model for other countries. Long and short, there will be a lot of growing pains, and the EU should expect to have to iterate on the legislation, but overall, it is good to have a starting point from which to critique and iterate. The current framework may not be perfect, but it is a necessary starting point for the global conversation on AI regulation.
Europe: FCA Advances Efforts to Address the UK’s EU Legislative Legacy, Starting With MIFID
Following an HM Treasury policy statement, the FCA has published a consultation paper proposing amendments to some of the Markets in Financial Instruments Directive (MIFID) conduct of business and systems and controls rules inherited from the EU that continue to exist in the UK statute book in close to their original form.
The FCA has proposed an initial like-for-like transfer of rules into the appropriate parts of the FCA Handbook although some material is being dropped (for example, some recitals and other provisions from the EU legislation that they consider to be superfluous). It also envisages certain substantive amendments to reduce complexity and over prescription, e.g.:
Rationalising duplicative rules
Eliminating distinctions in rules for different types of firms where obligations are substantively similar
Tailoring language to better suit specific types of business, e.g. in cases where a distinction is necessary but has previously been ineffective
The FCA has identified an immediate opportunity to harmonise rules on conflicts of interest and best execution by unifying similar rules from legacy MIFID, UCITS and AIFMD regimes. It is also contemplating changes to client classification thresholds to create clearer and more flexible rules. In the longer term, the FCA has indicated an interest in eliminating the MIFID/non-MIFID distinction and instead basing firms’ regulatory responsibilities on the risks of harm in their respective business models.
The consultation paper lays out two stages of responses. The first, closing on 28 February 2025, should be uncontroversial as it just relates to the transfer of rules into the FCA Handbook. The second stage, which addresses substantive content amendments, closes on 28 March 2025.
Expect a policy statement from the FCA in H2 2025, as the FCA continues to work towards a tailored regulatory structure for UK portfolio managers (as well as others affected by MIFID rules).
DOJ’S False Claims Act Based Civil Cyber-Fraud Initiative in 2024
The start of a new year presents an opportune time to reflect on the past. We have been tracking and reporting on the U.S. Department of Justice (“DOJ”)’s Civil Cyber-Fraud Initiative (“CCF Initiative”), which former U.S. Deputy Attorney General Lisa O. Monaco announced in October 2021. The CCF Initiative employs the powerful False Claims Act (“FCA”) in an effort to “hold accountable entities or individuals that put U.S. information or systems at risk by (1) knowingly providing deficient cybersecurity products or services, (2) knowingly misrepresenting their cybersecurity practices or protocols or (3) knowingly violating obligations to monitor and report cybersecurity incidents and breaches.”
We previously offered insight into the first two FCA enforcement actions brought under this initiative, then a third, and a fourth. 2024 brought even more.
Towards the end of 2024, on October 22, 2024, DOJ announced an FCA settlement with a major public university relating to its alleged failure to comply with cybersecurity requirements for more than a dozen Department of Defense (“DOD”) and National Aeronautics and Space Administration (“NASA”) contracts and subcontracts. The university agreed to pay $1.25M to resolve allegations that it violated the FCA by failing to comply with cybersecurity requirements in fifteen contracts or subcontracts involving the DOD or NASA. The settlement resolves allegations brought by a chief information officer for the university’s Applied Research Laboratory in October 2022 under the FCA’s qui tam provisions.
The covered conduct includes allegations that the university failed to implement certain cybersecurity controls that were contractually required, and did not adequately develop and implement plans of action to correct deficiencies it identified. Specifically, the allegation was that the university did not implement certain National Institute of Standards and Technology requirements. There were no allegations that a third party ever breached any secured data within the university’s custody; the university’s alleged noncompliance alone was sufficient to fall in DOJ’s crosshairs.
Just a week prior, on October 15, 2024, a government services contractor agreed to pay $306,722 and waive $877,578 in potentially reimbursable remediation costs to settle allegations that it failed to properly protect personally identifiable information and personal health information of Medicare beneficiaries, resulting in a data breach. Despite the contractor promptly notifying Centers for Medicare and Medicaid Services (“CMS”) and cooperating with DOJ investigation, DOJ still pursued a FCA violation. The allegations stemmed from a shift to the electronic handling of “certain Medicare Support services” during the COVID-19 pandemic that the contractor provided to CMS between March 2021 and October 2022. Under its agreement with the CMS, the contractor was required to adhere to the Department of Health and Human Services (“HHS”)’s cybersecurity requirements. However, a subcontractor, whose servers were used to carry out the electronic task, was allegedly not in compliance with HHS’ cybersecurity requirements. Specifically, the subcontractor allegedly took screenshots from CMS systems that contained personally identifiable information and stored the screenshots without encryption, violating HHS’ cybersecurity requirements. Notably, per DOJ, “[t]he subcontractor’s server was breached by a third party in October 2022 and the unencrypted screenshots were allegedly compromised during that breach.”
These two FCA settlements under the CCF Initiative are only the latest reverberations of DOJ’s increased scrutiny on cybersecurity compliance to combat emerging cyber threats. There were others in 2024, including these three that were highlighted in DOJ’s annual recap of its FCA enforcement endeavors:
May 1, 2024: a staffing company agreed to pay $2.7M to resolve allegations that it violated the FCA by failing to implement adequate cybersecurity measures to protect health information obtained during COVID-19 contact tracing.
June 17, 2024: two consulting companies agreed to pay a combined $11.3M to resolve allegations that they violated the FCA by failing to meet cybersecurity requirements in contracts intended to ensure a secure environment for low-income New Yorkers to apply online for federal rental assistance during the COVID-19 pandemic.
August 22, 2024: DOJ filed an Amended Complaint against another major public university, alleging that it failed to meet certain cybersecurity requirements in its performance of DOD contracts. The university has moved to dismiss, and the motion is pending. The university’s argument is that the pertinent contract was for fundamental research and therefore not subject to DOD cybersecurity rules. DOJ contested the notion in its opposition and, as to materiality, took the position that “common sense alone supports the materiality of the cybersecurity requirements Defendants allegedly breached.” The university’s reply primarily dealt with the materials the Court could consider to resolve the issue. The matter is pending.
The enforcement actions brought in 2024 show the breadth of the CCF Initiative. That enforcement actions have been brought even where no breach occurred broadens the scope even more. What 2025 will bring, particularly in light of the administration change (and certain percolating constitutional challenges to components of the FCA), remains to be seen.
Whether the CCF Initiative continues in current form, name, or fervor, it nonetheless underscores the importance for contractors, subcontractors, grantees, and other forms of funding that have agreements with the government to pay close attention to the cybersecurity requirements of such agreements. If have not done so already, companies should consider engaging with counsel in concert with knowledgeable information technology professional (either external or internal) to:
understand their cybersecurity obligations on existing and future U.S. government contracts, subcontracts, grants and other forms of funding,
train employees,
implement information security controls such as access and network restrictions,
invest in and ensure regular compliance with upgrades, patches, and maintenance,
devise incident response plans and ransom strategies, and
operationalize internal whistleblowing.
And should a cyber incident occur, entities need to consider any Federal Acquisition Regulation (“FAR”) and/or agency FAR supplemental clause disclosure requirements in addition to any other Federal and state cyber incident reporting requirements applicable to the incident, e.g., HIPAA.
Trump Administration Issues Executive Order Prioritizing Hospital Price Transparency Enforcement
On February 25, 2025, President Donald Trump issued an Executive Order titled “Making America Healthy Again by Empowering Patients with Clear, Accurate, and Actionable Healthcare Pricing Information” (the 2025 Order). The 2025 Order directs federal agencies to take various actions to prioritize enforcement of healthcare price transparency requirements for hospitals and health plans “to support a more competitive, innovative, affordable, and higher quality healthcare system.”
Price Transparency Rules Background
The 2025 Order follows a 2019 Executive Order issued by then-President Trump titled “Executive Order on Improving Price and Quality Transparency in American Healthcare to Put Patients First” (the Price Transparency Order). That 2019 Price Transparency Order resulted in the adoption of regulations commonly called the Hospital Price Transparency Rules. Those Rules, in pertinent part, require hospitals to maintain a consumer-friendly display of pricing information for up to 300 shoppable services and a machine-readable file with negotiated rates for every single service the hospital provides. Read our previous analysis of the 2019 Price Transparency Order here, and our analysis of a 2024 OIG audit of hospital compliance with the Price Transparency Rules here.
2025 Price Transparency Executive Order Requirements
The 2025 Order now tasks the Departments of Treasury, Labor, and Health and Human Services with taking “all necessary and appropriate action” to implement and enforce the Hospital Price Transparency Rules because “hospitals and health plans were not adequately held to account when their price transparency data was incomplete or not even posted at all.”
Specifically, within 90 days of the 2025 Order, the federal agencies must:
(a) require the disclosure of the actual prices of items and services, not estimates;
(b) issue updated guidance or proposed regulatory action ensuring pricing information is standardized andeasily comparable across hospitals and health plans; and
(c) issue guidance or proposed regulatory action updating enforcement policies designed to ensurecompliance with the transparent reporting of complete, accurate, and meaningful data.
Notably, the phrase “actual prices of items and services” is not defined in the Order, and the express rebuke of pricing “estimates” appears to run counter to the approach taken under the No Surprises Act regulations (requiring the provision of good faith estimates) and certain state laws that require health care providers to furnish estimates to patients upon request. Whether and to what extent the agencies define these terms in subsequent guidance and/or rulemaking will be essential for health care organizations to monitor.
Takeaways for Health Care Organizations
Prior to the 2025 Order, the Centers for Medicaid and Medicare Services (CMS) had already issued civil monetary penalties for non-compliance with the Hospital Price Transparency Rules, and the 2025 Order appears intended to ramp up that type of enforcement action.
Hospitals, health plans, and providers should expect further guidance and enforcement information from these federal agencies during the 90-day period, which ends May 26, 2025. Regardless, health care organizations would be well-advised to review their price transparency processes and information available for consumers, as well as their policies to prepare for closer scrutiny of pricing disclosure practices. Additional information about the current Hospital Price Transparency Rules is available from CMS here.
SECURE 2.0’s Required Changes to Annual Funding Notices Become Effective in 2025
SECURE 2.0 introduced many changes for retirement plans, including updated disclosure requirements for a defined benefit plan’s annual funding notice (AFN). These updated AFN disclosure requirements apply for all plan years beginning after December 31, 2023. For calendar-year defined benefit plans, the first AFNs subject to the revised requirements will be due by April 30, 2025.[1]
Prior to SECURE 2.0, AFNs were generally required to contain information about the plan’s funded status, investment policies, regulatory filings, participant demographics, and other key information to ensure transparency and compliance. Though the goal of keeping relevant parties informed through AFNs remains the same, some of the requirements for the specific information to be included have changed, including:
Information Required:
Before SECURE 2.0 Changes:
Now in effect for plan years beginning after December 31, 2023:
Funded Status
Plans required to provide a statement regarding the plan’s “funding target attainment percentage” (for single employer plans) or the plan’s funded percentage (for multiemployer plans) for the plan year and the two preceding plan years.
Single employer plans no longer report the “funding target attainment percentage” which was determined as of the first day of each plan year, and instead now must report the “percentage of plan liabilities funded” which, along with other changes (including the interest rates used to calculate the plan liabilities), uses year end information.
Demographic Information
Plans required to disclose the number of plan participants, broken out by active employees, retirees receiving benefits, terminated employees entitled to future benefits, and beneficiaries as determined on the first day of the plan year.
Required information is the same, but now must be determined as of the last day of each of the three prior plan years, and must be disclosed in a tabular format.
Funding Policy
Plans required to provide a statement setting forth the funding policy of the plan and the asset allocation of investment under the plan.
Plans now must additionally disclose the “average return on assets” for the notice year.
PBGC Guarantees
Plans required to provide a general description regarding PBGC guarantees, including the circumstances in which the guarantees will apply and an explanation regarding limits of the guarantees.
Single employer plans now must additionally disclose that “if plan assets are determined to be sufficient to pay vested benefits that are not guaranteed by the [PBGC], participants and beneficiaries may receive benefits in excess of the guaranteed amount,” along with a disclosure that in the event of a plan’s termination, the PBGC’s calculation of the plan’s liabilities may be greater than what is disclosed in the AFN (which would mean that the funding status is lower than what is disclosed in the AFN).
Plan sponsors should carefully review the required changes under SECURE 2.0 when preparing AFNs for defined benefit plans with plan years beginning after December 31, 2023. There is currently no updated model notice from the Department of Labor, though a model incorporating the SECURE 2.0 changes could be released prior to April 30, 2025.
[1] Most defined benefit plans that are covered by the Pension Benefit Guaranty Corporation (PBGC) are required under ERISA § 101(f)(3) to send out an AFN to participants for each plan year within 120 days after the end of the plan year.
Broadband Grants Are Still Taxable Income. Will the Broadband Grant Tax Treatment Act Finally Fix It?
In March 2022, we published a blog post explaining that broadband grants are apparently subject to federal income taxation. Three years later, and with $42.5 billion in BEAD grants on the verge of disbursement, nothing has changed.
As discussed in 2022, the taxability of broadband grants seems to be an unplanned quirk of the 2017 Tax Cuts and Jobs Act. Prior to that, broadband grants were generally exempt from taxation based on a favorable IRS interpretation of Section 118 of the tax code. But the Tax Cuts and Jobs Act amended Section 118 to the effect that “contributions to capital” (including grants) made from governmental or civic groups to a corporation are taxable as gross income.
Recent recipients of state and federal broadband grants are already struggling with this. Crucially, the tax bill applies to grants used to cover front-end costs relating to construction of a broadband network, with taxes likely due on the grant before revenues ramp up. If a company receives $50 million in grant funds in 2024 to construct a rural broadband network, the company would need to pay $10 million in taxes on the grant (give or take) in 2025. The very substantial tax bill would come due while the network developer is still building up operations, and may in fact threaten the operational feasibility of the entire project.
Bipartisan legislation has been repeatedly introduced over the past several years to address this issue, to no avail. But on February 24, a bipartisan group of Senators announced the re-introduction of the Broadband Grant Tax Treatment Act, with such varied supporters as Sen. Tim Kaine (D-VA) and Sen. Tommy Tuberville (R-AL). (Notably, the Act would apply to amounts received in taxable years ending after March 11, 2021.)
Broadband providers have reason to be optimistic that the Broadband Grant Tax Treatment Act will finally be enacted this session. But until that occurs, it would be prudent to set aside funds to cover the tax bill associated with broadband grants.
How the New US Antitrust Enforcement Priorities Are Shaping Up
We still have a limited sample—Andrew Ferguson has only been in the FTC Chair role a month, and Gail Slater, Trump’s nominee to head the DOJ Antitrust Division, is just nearing the end of her confirmation process. That said, each is starting to give indications about where enforcement policies and priorities may shift relative to the outgoing leadership at the antitrust agencies—a continued focus on “Big Tech” adding censorship as a competitive harm, more predictability to promote business certainty, and a case-by-case approach to labor market (e.g., non-compete) enforcement. Here’s what we know so far.
Andrew Ferguson – FTC Chair
Andrew Ferguson became FTC Chair immediately after inauguration on Jan. 20, 2025. He was able to assume the role without a confirmation because he was already a sitting Commissioner confirmed by Congress in the spring of 2024. Before joining the FTC, Ferguson served as a solicitor general of Virginia, chief counsel to Sen. Mitch McConnell, and Republican counsel for the Senate Judiciary Committee. He also worked in private practice after clerking for Judge Karen L. Henderson of the D.C. Circuit and U.S. Supreme Court Justice Clarence Thomas.
As Commissioner, Ferguson authored several strong dissents, critical of what he perceived as overstep by the prior FTC majority. On Feb. 20, Chair Ferguson gave a window into his priorities during an interview with Fox Business. From that several themes emerged.
Focus on Big Tech, Consolidation, & Censorship. During his interview, Chair Ferguson was critical of companies with “economic power” that enabled abuses in “social and political ways, like with censorship.” He said he will look to prevent those conditions and confront abuses of such power in the future. Along these lines, Chair Ferguson expressed opinions that Section 230 of the Communications Decency Act, which provides certain immunity to online platforms for third-party content or its removal, was originally intended to promote nascent business but is now used by large platforms to “mistreat ordinary Americans,” and the courts or Congress should address that. When it came to “Big Tech” specifically, he commented that pending FTC cases will continue and “all of Big Tech is going to remain under the microscope” as the authorities hold “Big Tech’s feet to the fire.”
Emphasis on Business Certainty—Especially in Merger Reviews. Chair Ferguson made clear that promoting a “vibrant, innovative economy” is a priority and he sees his part in that as providing clarity and certainty to the business community. Consistent with this statement, Ferguson also issued a memo to FTC Staff on Feb. 18 affirming that the joint FTC and DOJ Merger Guidelines issued in 2023 will continue to guide agency merger analysis. During his interview he stated that the guidelines are “not perfect” and they “push the envelope a bit.” However, he wants to hold off on any changes and base them on future working experience because the Guidelines are generally “consistent with older guidelines” and “case law” in his view. If revisions to the Guidelines are needed, he said they will be done in an “iterative transparent revision process” but he would not “rescind them wholesale.”
Protecting Labor But Still Against the 2024 Non-Compete Ban. Chair Ferguson reiterated his criticism of the FTC’s rule broadly banning non-compete agreements, the validity of which remains the subject of litigation in Ryan LLC v. Federal Trade Commission, No. 24-10951 (5th Cir. Jan. 2, 2025) and Properties of the Villages, Inc. v. Federal Trade Commission, No. 24-13101 (11th Cir. June 21, 2024). (Many commentators have opined they expect the administration to drop its defense of the FTC ban. But even once a third Republican Commissioner is confirmed, defense of the rule in the courts may continue to preserve questions about the FTC’s rulemaking authority for the Supreme Court.) Despite his opposition to the non-compete rule, however, Ferguson said that the FTC’s job is, in part, to “protect workers” because the antitrust laws “protect labor markets.” Favoring case-by-case enforcement, Ferguson emphasized he will be “focusing very intently on attacking anticompetitive conduct that hurts America’s workers” and will look across industries for no poach, no hire, and non-compete agreements that are unlawful under the Sherman Act.
Gail Slater – Nominee to Lead DOJ Antitrust Division
Gail Slater is the President’s nominee for assistant attorney general of the DOJ Antitrust Division. She most recently served as then-Senator JD Vance’s economic policy adviser, and during the last Trump administration she was an advisor on technology issues for the National Economic Council. Slater worked at the FTC for a decade and also worked in-house, including for an internet trade association. On Feb. 12, 2025, the Senate Judiciary Committee held a hearing on Slater’s nomination, giving a first window into what her approach at DOJ might entail.
Tech Focus – Though Current Cases Could be Narrowed. As her background suggests, technology will remain a focus for Slater. She testified that she “will bring a deep understanding of technology markets to the Department as the common thread in my private sector work was technology.” She views antitrust law as playing a key role in fostering innovation and economic freedom. However, she emphasized that enforcement should be a “scalpel” and “requires evidence of anticompetitive conduct and harm to consumers.” Regarding pending DOJ cases against major tech firms, she committed to reviewing the files but noted that “resources are of course a very important consideration in antitrust litigation and taking cases further . . . . It’s very complex civil litigation . . . and costly.”
AI: Traditional Analysis of Component Concentration But Open to More Merger Remedies Generally. Slater seemed undecided about AI technology’s impact on competition, but she did commit to looking at “concentration in the AI technology stack.” During her testimony she also noted there is a “critical need to prevent the monopolization of digital markets,” though in another statement she signaled that under her leadership the Division may be more open to settlements in merger cases when “effective and robust structural remedies can be implemented without excessively burdening the Antitrust Division’s resources.”
Censorship as a Monopolization & Collusion Issue. Like Chair Ferguson, Slater also touched on potential enforcement around censorship. She expressed concern that in highly concentrated markets “anybody’s viewpoint can be quickly throttled or suppressed.” However, Slater also suggested that group boycotts may also be pursued; she noted a recent House Judiciary Committee report describing a trade association’s alleged facilitation of national brands (representing an estimated 90% of domestic ad expenditures) selectively withholding advertising dollars from certain companies.
Non-Competes as a Potential Abuse of Monopoly Power. Slater said she wanted to “depoliticize” the harms from non-compete agreements. She said “this is a growing concern in many parts of the country. It prevents workers from switching jobs easily, which is particularly problematic in highly concentrated markets.”
As the antitrust landscape in the U.S. evolves under new leadership, businesses across industries should stay alert to shifting enforcement priorities and their potential implications.
Acting NLRB GC William Cowen Rescinds Abruzzo’s Noncompetes and Severance Agreements Memo
Earlier this month, the Acting General Counsel of the National Labor Relations Board (NLRB), William Cowen, rescinded a slew of his predecessor’s policy memoranda. While general counsel (GC) memoranda are not the official legal position of the NLRB, if adopted by the Board they could have far-reaching ramifications for covered employers.
New GC typically unwind the GC Memos of their predecessor and, in this case, the action is consistent with the overall approach of the Trump Administration to roll back actions taken by Biden appointees.
By rescinding GC memoranda, Cowen has signaled that he will no longer seek to enforce actions against employers based on violations of the policies expressed in the memoranda. The action may also mean that for parties with active matters before the NLRB relating to the rescinded memos, resolution may be faster and more employer-friendly. It is important to note that because President Trump removed GC Jennifer Abruzzo and former NLRB Member Gwynne Wilcox immediately following the inauguration, the NLRB does not currently have enough members to form a quorum, meaning that it cannot issue decisions.
Among the more than 25 rescinded memoranda were two addressing topics critical to employers:
GC 23-05 on severance agreements.
GC 23-08 and GC 25-01 on noncompete agreements.
With respect to severance agreements, GC Abruzzo had taken the position that overly broad nondisparagement and confidentiality clauses often interfere with, restrain, or coerce employees’ exercise of Section 7 rights. As a result, many employers significantly narrowed these provisions in severance agreements with employees who are covered by the National Labor Relations Act (NLRA). By rescinding GC 23-05, the Acting General Counsel has backed away from Abruzzo’s interpretation of the NLRA.
With respect to noncompete agreements, the now-rescinded memoranda had expressed the NLRB’s position that (1) nearly all noncompete provisions are overbroad and therefore interfere with the exercise of employees’ Section 7 rights, and (2) employees should be entitled to significant damages relating to their misuse. The Acting General Counsel’s actions in rescinding these memoranda are also consistent with positions taken by the new chair of the Federal Trade Commission, Andrew Ferguson, disapproving the noncompete ban passed under former chair, Lina Khan. Although employers must continue to comply with the patchwork of state laws relating to the enforcement of noncompete provisions, it is unlikely that these restrictions will be the target of federal attention under a Republican-controlled government.
We will continue to monitor changes at the NLRB and report on the associated impact to employers.
Private Company Strategies: From Start-Up to Stand-Out: Navigating Employment Law Challenges [Podcast]
In the second installment of the Private Company Strategies podcast series, From Start-Up to Stand-Out, hosts Adam Diederich, Berin S. Romagnolo, and Sara Rosenberg are joined by AFS Partner Alexandra M. Romero to discuss essential employment law considerations for startups.
They cover federal, state, and local laws and regulations, with an emphasis on the importance of compliance, especially in a remote work environment. Our hosts also discuss the benefits of developing employment policies and practices early on.
Highlights of the conversation include:
Understanding employment laws is crucial for startups.
Consistently updating policies is necessary as the company grows.
Federal laws set a baseline, but state and local laws may impose additional requirements.
Remote work may complicate compliance with employment laws across jurisdictions.
Training employees on policies is vital for compliance.
“The Court’s Work in This Case Should Be Over”: IMC Responds to NCLC’s Effort to Intervene and Revive One-to-One Rule
As TCPAWorld.com readers already know, the NCLC and others attempted to join in the Eleventh Circuit Court of Appeals case involving the FCC’s one-to-one rule.
The NCLC wants the Court to reconsider the ruling striking down one-to-one and get ALL of the judges together on the Eleventh Circuit to rule on the issue.
Well today IMC fired back with a very nice brief explaining why there’s zero chance that should happen.
I am pleased to say they hit all the right notes here.
In particular NCLC’s failure to comply with the Hobbs Act timeframe for intervention feels pretty dang dispositive to Troutman.
The brief also points out that NCLC has already filed briefs in the case–so it has already had its say–plus it shouldn’t be allowed to stand in the shoes of the government (that’s just weird.) And hey look, they can have their say with the Commission as part of remand proceedings anyway– so if they want something done from a policy perspective they can do it there.
Now the last point may ring a bit hollow–just being real– but the other points are well made and dead on. Hopefully the court shuts the door on this pretty frivolous intervention effort.
In fact, in light of this filing I think R.E.A.C.H. will likely NOT be seeking to intervene after all– but need to discuss with the board to make sure.
We’ll keep an eye on this.
Full brief here: Brief Opposing NCLC
CEQ Sounds the Death Knell for Existing NEPA Regulations
The rapid changes relating to NEPA-implementing regulations accelerated this week, as the White House Council on Environmental Quality (CEQ) published an interim final rule (IFR) removing its NEPA regulations from the Code of Federal Regulations.
Effective April 11, 2025, CEQ’s IFR removes all iterations of its NEPA regulations, including 40 CFR parts 1500, 1501, 1502, 1503, 1504, 1505, 1506, 1507, and 1508, which federal agencies and developers alike have relied on in permitting projects since the 1970s.
This seismic shift in the implementation of NEPA—an area of the law that remained relatively stable for nearly a half century—comes on the heels of the D.C. Circuit Court of Appeal’s denial of the requests (by both petitioners and respondents) for rehearing en banc of that court’s opinion in Marin Audubon.
As we described in our November 2024 client alert, the panel majority in Marin Audubon concluded that the CEQ lacks authority to issue binding NEPA regulations. The D.C. Circuit declined to review the panel’s opinion, but, in a concurring opinion, seven out of 12 D.C. Circuit judges described the discussion regarding CEQ’s regulatory authority as dicta.
The IFR also follows on other important judicial developments. In early February 2025, the District Court for the District of North Dakota, in Iowa v. Council on Environmental Quality, issued an opinion in which it vacated the Biden Administration’s 2024 Phase 2 NEPA rules.
The court explained that its judgment would revert the CEQ regulations to an earlier version, namely, the version promulgated by the first Trump administration in 2020 as amended by the Biden administration’s 2021 Phase 1 NEPA rules. Although the court did not finally resolve the issue, it further opined that “it is very likely that if the CEQ has no authority to promulgate the 2024 Rule, it had no authority for the 2020 Rule or the 1978 Rule and the last valid guidelines from CEQ were those set out under President Nixon.”
Citing these decisions and President Trump’s Executive Order (EO) 14154, Unleashing American Energy—which revoked President Carter’s EO 11991 that served as the basis for CEQ’s NEPA regulations—the IFR has now made it clear that CEQ’s NEPA regulations will be rescinded in full.
What does this mean for your project?
In conjunction with its IFR, CEQ released a memo to the heads of federal departments and agencies directing them to:
Revise or establish new NEPA regulations within the next year consistent with EO 14154
Not delay pending NEPA analyses while those NEPA procedures are being updated
Most importantly, “consider voluntarily relying on [the soon-to-be-rescinded] regulations in completing ongoing NEPA reviews or defending against challenges to reviews completed while those regulations were in effect.”
CEQ also encouraged agencies to use the 2020 NEPA regulations as an “initial framework” for developing revisions to their own NEPA regulations, and provided suggested guidelines for those regulations.
As the implications for project proponents and litigants unfold, we are closely monitoring not only the enforceability of CEQ’s rescinded regulations, but also the agency-specific procedures that will replace them.
Clear rules foster timely and cost-efficient environmental reviews. Project proponents should consider active participation in the rulemakings that we will see across multiple federal agencies over the next 12 months to ensure adoption of legally defensible NEPA-implementing regulations that streamline and accelerate the permitting process.
DEI in the Spotlight: Wage and Hour Implications
With the nation’s heightened focus on DEI programs and policies, U.S. employers should carefully evaluate the legal risks associated with their DEI-related wage and hour practices.
Many employers across a broad range of industries—including financial services, technology, media, healthcare, retail, and professional services—utilize compensation-related incentives to support their DEI efforts. Practices that are likely to be scrutinized by those targeting an employer’s DEI initiatives include:
Diversity referral bonuses. Over the last decade, a number of leading employers have included as a component of their overall DEI efforts a program providing special bonuses to employees who successfully refer diverse candidates. To the extent such bonuses exceed those paid to employees for referring non-diverse candidates, they will likely be among the “low hanging fruit” for challenges.
Compensation tied to achievement of DEI-related goals. By the early 2020s, a number of companies had conditioned significant portions of their executive and management bonuses to achievement of individual and collective DEI-related goals and/or metrics. The risks inherent in these programs depends in large measure on the nature of the underlying benchmarks.
Paying for time spent in employee resource groups. Many employers have recognized and sponsored employee resource groups (sometimes called ERGs or affinity groups), where employees with shared characteristics, interests, or identities meet to foster a sense of community and support, often focusing on DEI initiatives. Federal and state law may, depending on the circumstances, require employers to count time spent by nonexempt (i.e., overtime-eligible) employees in ERG meetings, events, and other activities as “hours worked” and to pay them for that time—potentially at an overtime rate. If an employer is not required to pay nonexempt employees for the time spent in such activities, but does so anyway, it may invite legal challenges if it does not pay for time spent by such employees in other activities that are not required to be paid (e.g., voluntary after-hours gatherings unrelated to the employees’ job responsibilities).
Paid diversity internships and fellowships. Structured diversity-focused internship and fellowship programs—typically designed to provide students or recent graduates from underrepresented groups with career, mentorship, and professional development opportunities, as well as exposure to the day-to-day operations of the workplace— became more widespread in the last 20 years. In addition to the risk of discrimination claims tied to programs that limit eligibility based on race or other protected categories, companies and organizations that compensate participants in these programs but that do not similarly compensate other types of interns or fellows may be exposed to disparate treatment or disparate impact claims.
As with all policies and programs related to DEI, it’s the right time for employers in every industry to pressure-test their wage and hour practices to evaluate possible risk and to consult with counsel to mitigate those risks as the legal and regulatory landscape continues to evolve under the new Administration.