From Blocks to Rights: Privacy and Blockchain in the Eyes of the EU data Protection Authorities
On April 14, 2025, the European Data Protection Board (EDPB) released guidelines detailing how to process personal data using blockchain technologies in compliance with the General Data Protection Regulation (GDPR) (Guidelines 02/2025 on processing of personal data through blockchain technologies). These guidelines highlight certain privacy challenges and provide practical recommendations.
Challenges Under the GDPR
Blockchain’s immutability conflicts with rights to data rectification and deletion (Articles 16 and 17 GDPR). Its decentralized nature makes it difficult to comply with GDPR principles like data minimization, storage limitation (Article 5) and data protection by design (Article 25). International data transfers are also complicated, prompting the EDPB to recommend using standard contractual clauses for node participation to ensure Chapter V compliance.
Key Recommendations for Organizations
In order to minimize risks and ensure GDPR compliant data processing when using blockchain, the EDPB establishes certain rules for organizations to follow.
Roles and Responsibilities
Roles must be clearly defined based on service nature, governance and relationships. The EDPB makes a special mention of nodes in public permissionless blockchains. Nodes in public blockchains may be considered data controllers. A legal entity (e.g., a consortium) is encouraged when nodes jointly determine processing purposes.
Technical and Organizational Measures
Organizations should assess:
Whether personal data will be stored
If so, why is the blockchain needed
The type of blockchain to be used (public only if necessary)
The adequate technical safeguards to be implemented
Public blockchains should be avoided unless essential. Personal data should only be identifiable if necessary and justified via a Data Protection Impact Assessment (DPIA). The techniques the EDPB suggests limiting the identifiability of the personal data include:
Encryption – Protects data, but remains personal under GDPR.
Hashing – Offers security, but risks remain if keys are compromised.
Cryptographic commitments – Securely obscure data when original inputs are deleted.
GDPR Principles and Data Subject Rights
Deletion and objection – Due to blockchain’s permanence, erasure may require deleting parts of the chain or anonymizing data. Off-chain storage of personal data is preferred.
Data retention – If data isn’t needed for the blockchain’s full life, it shouldn’t be stored on-chain unless anonymized.
Security – Suggested safeguards include emergency protocols, breach notifications and protections against 51% attacks and rogue participants.
Rectification – If rectification requires deletion, standard erasure methods apply. Otherwise, new transactions must correct prior data without altering old entries.
Automated decisions – Controllers must meet Article 22 GDPR requirements even if a smart contract has executed.
Next Steps
Public consultation is open until June 9, 2025. The final version is expected to remain largely consistent with the draft, offering essential guidance for GDPR-compliant blockchain use.
This article was co-authored by Damian Perez-Taboada
The European Commission’s Guidance on Prohibited AI Practices: Unraveling the AI Act
The European Commission published its long-awaited Guidelines on Prohibited AI Practices (CGPAIP) on February 4, 2025, two days after the AI Act’s articles on prohibited practices became applicable.
The good news is that in clarifying these prohibited practices (and those excluded from its material scope), the CGPAIP also addresses other more general aspects of the AI Act, which comes to provide much-needed legal certainty to all authorities, providers and deployers of AI systems/models in navigating the regulation.
It refines the scope of general concepts (such as “placing on the market”, “putting into service”, “provider” or ” deployer”) and exclusions from the scope of the AI Act, provides a definition of others not expressly included in the AI Act (such as “use”, “national security”, “purposely manipulative techniques” or “deceptive techniques”), as well as takes a position on the allocation of responsibilities of providers and deployers using a proportionate approach (establishing that these responsibilities should be assumed by whoever is best positioned in the value chain).
It also comments on the interplay of the AI Act with other EU laws, explaining that while the AI Act applies as lex specialis to other primary or secondary EU laws with respect to the regulation of AI systems, such as the General Data Protection Regulation (GDPR) or EU consumer protection and safety legislation, it is still possible that practices permitted under the AI Act are prohibited under those other laws. In other words, it confirms that the AI Act and these other EU laws complement each other.
However, this complementarity is likely to pose the greatest challenges to both providers and deployers of the systems. For example, while the European Data Protection Board (EDPB) has already clarified in its Opinion 28/2024 on certain data protection aspects related to the processing of personal data in the context of AI models (adopted in December 2024) that the “intended” purposes of AI models at the deployment stage must be taken into account when assessing whether the processing of personal data for the training of said AI models can be based on the legitimate interest of the providers and/or future deployers. The European Commission clarifies in Section 2.5.3 of the CGPAIP that the AI Act does not apply to research, testing (except in the real world) or development activities related to AI systems, or AI models before they are placed on the market or put into service (i.e. during the training stage). Similarly, the CGPAIP provides some examples of exclusions from prohibited practices (i.e., permitted practices) that are unlikely to find a lawful basis in the legitimate interests of providers and/or future users of the AI system.
The prohibited practices:
Subliminal, purposefully manipulative or deceptive techniques (Article 5(1)(a) and Article 5(1)(b) AI Act)This prohibited practice refers to subliminal, purposefully manipulative or deceptive techniques that are significantly harmful and materially influence the behavior of natural persons or group(s) of persons, or exploit vulnerabilities due to age, disability or a specific socio-economic situation.
The European Commission provides examples of subliminal techniques (visual and auditory subliminal messages, subvisual and subaudible queueing, embedded images, misdirection and temporal manipulation), as well as explains that the rapid development of related technologies, such as brain-computer interfaces or virtual reality, increases the risk of sophisticated subliminal manipulation.
When referring to purposefully manipulative techniques (to exploit cognitive biases, psychological vulnerabilities or other factors that make individuals or groups of individuals susceptible to influence), it clarifies that for the practice to be prohibited, either the provider or the deployer of the AI system must intend to cause significant (physical, psychological or financial/ economic) harm. While this is consistent with the cumulative nature of the elements contained in Article 5(1)(a) of the AI Act for the practice to be prohibited, it could be read as an indication that manipulation of an individual (beyond consciousness) where it is not intended to cause harm (for example, for the benefit of the end user or to be able to offer a better service) is permitted. The CGPAIP refers here to the concept of “lawful persuasion”, which operates within the bounds of transparency and respect for individual autonomy.
With respect to deceptive techniques, it explains that the obligation of the provider to label “deep fakes” and certain AI-generated text publications on matters of public interest, or the obligation of the provider to design the AI system in a way that allows individuals to understand that they are interacting with an AI system (Article 50(4) AI Act) are in addition to this prohibited practice, which has a much more limited scope.
In connection with the interplay of this prohibition with other regulations, in particular, with the DSA, the European Commission recognizes that dark patterns are an example of manipulative or deceptive technique when they are likely to cause significant harm.
It also provides that there should be a plausible/reasonably likely causal link between the potential material distortion of the behavior (significant reduction in the ability to make informed and autonomous decisions) and the subliminal, purposefully manipulative or deceptive technique deployed by the AI system.
Social scoring (Article 5(1)(c) AI Act)The CGPAIP defines social scoring as the evaluation or classification of individuals based on their social behavior, or personal or personality characteristics over a certain period of time, clarifying that a simple classification of people on said basis would trigger this prohibition and that the concept evaluation is inclusive of “profiling” (in particular to analyze and/or make predictions on interests or behaviors), that leads to detrimental or unfavorable treatment in unrelated social contexts, and/or unjustified or disproportionate treatment.
Concerning the requirement that it leads to detrimental or unfavorable treatment, it is established that such harm may be caused by the system in combination with other human assessments, but that at the same time, the AI system must play a relevant role in the assessment. It also provides that the practice is prohibited even if the detrimental or unfavorable treatment is produced by an organization different from the one that uses the score.
The European Commission states, however, that AI systems can lawfully generate social scores if they are used for a specific purpose within the original context of the data collection and provided that any negative consequences from the score are justified and proportionate to the severity of the social behavior.
Individual Risk Assessment and Prediction of Criminal Offences (Article 5(1)(d) AI Act)When interpreting this prohibited practice, the European Commission outlines that crime prediction and risk assessment practices as such are not outlawed, but only when the prediction of a natural person committing a crime is made solely on the basis of a profiling of said individual, or on assessing their personality traits and characteristics. In order to avoid circumvention of the prohibition and ensure its effectiveness, any other elements being taken into account in the risk assessment will have to be real, substantial and meaningful for them to be able to justify the conclusion that the prohibition does not apply (excluding therefore AI systems to support the human assessment based on objective and verifiable facts directly linked to a criminal activity, in particular when there is human intervention).
Untargeted Scraping of Facial Images (Article 5(1)(e) AI Act)The European Commission clarifies that the purpose of this prohibited practice is the creation or enhancement of facial recognition databases (a temporary, centralized or decentralized database that allows a human face from a digital image or video frame to be matched against a database of faces) using images obtained from the Internet or CCTV footage, and that it does not apply to any scraping AI system tool that can be used to create or enhance a facial recognition database, but only to untargeted scraping tools.
The prohibition does not apply to the untargeted scraping of biometric data other than facial images, or even if it is a database that is not used for the recognition of persons. For example to generate images of fictitious persons and clarifies that the use of databases created prior to the entry into force of the AI Act, which are not further expanded by AI-enabled untargeted scraping, must comply with applicable EU data protection rules.
Emotion Recognition (Article 5(1)(f) AI Act)This prohibition concerns AI systems that aim to infer the emotions (interpreted in a broad sense) of natural persons based on their biometric data and in the context of the workplace or educational and training institutions, except for medical or security reasons. Emotion recognition systems that do not fall under this prohibition are considered high-risk systems and deployers will have to inform the natural persons exposed thereto of the operation of the system as required by article 50(3) of the AI Act.
The European Commission refers here to certain clarifications contained in the AI Act regarding the scope of the concept of emotion or intention, which does not include, for example, physical states such as pain or fatigue, nor readily apparent expressions, gestures or movements unless they are used to identify or infer emotions or intentions. Therefore, a number of AI systems used for safety reasons would already not fall under this prohibition.
Similarly, the notions of workplace, educational and training establishments must be interpreted broadly. There is also room for member states to introduce regulations that are more favorable to workers with regard to the use of AI systems by employers.
It also clarifies that authorized therapeutic uses include the use of CE marked medical devices and that the notion of safety is limited to the protection of life and health and not to other interests such as property.
Biometric Categorization for certain “Sensitive” Characteristics (Article 5(1)(g) AI Act)This prohibition is for biometric categorization (except where purely ancillary to another commercial service and strictly necessary for objective technical reasons) that individually categorize natural persons on the basis of their biometric data to deduce or infer their race, political opinions, trade union membership, religious or philosophical beliefs, sex life or sexual orientation.
The European Commission clarifies that this prohibition, however, does not cover the labelling or filtering of lawfully acquired biometric datasets (such as images), including for law enforcement purposes (for instance, to guarantee that data equally represents all demographic groups).
Real-time Remote Biometric Identification (RBI) Systems for Law Enforcement Purposes (Article 5(1)(h) AI Act)The European Commission devotes a substantial part of the CGPAIP to the development of this prohibited practice, which refers to the use of real-time RBI systems in publicly accessible areas for law enforcement purposes. Exceptions, based on the public interest, are to be determined by the member states, through local legislation.
The CGPAIP concludes with a final section on safeguards and conditions for the application of the exemptions to the prohibited practices, including the conduct of Fundamental Rights Impact Assessments (FRIAs), which are defined as assessments aimed at identifying the impact that certain high-risk AI systems, including RBI systems, may have on fundamental rights, and which, it is clarified, do not replace the existing Data Protection Impact Assessment (DPIA) that data controllers (i.e., those responsible for processing personal data) must conduct and have a broader scope (covering not only the fundamental right to data protection but also all other fundamental rights of individuals) and which complement, inter alia, the required DPIA, the registration of the system or the need for prior authorization.
EDPB Adopts Opinion on UK Adequacy Decision Extension
On March 5, 2025, the European Data Protection Board (the “EDPB”) published Opinion 06/2025 on the extension of the European Commission Implementing Decisions under the GDPR and the Law Enforcement Directive on the adequate protection of personal data in the United Kingdom (the “Opinion”).
The Opinion was requested by the European Commission as the two current adequacy decisions are due to expire on June 27, 2025. For more background on the adequacy decisions, see our previous blog post here.
The extension of the adequacy decisions for a further six months gives the UK government time to enact the draft Data (Use and Access) Bill (the “DUA Bill”) which proposes several amendments to UK data protection law. The DUA Bill is currently in the House of Commons and likely to be finalised in the coming months. For further information on the changes to UK data legislation proposed by the DUA Bill, see here.
The EDPB clarified that the Opinion does not assess the UK data protection framework. Both the European Commission and the EDPB have stated their intentions to re-assess the UK legal framework following finalization of the proposed legislative changes in the UK, namely, the amends that shall be introduced upon the DUA Bill becoming enacted.
CNIPA Announces Deepening of “Blue Sky” Campaign to Strengthen Supervision of Intellectual Property Law Firms
On May 7, 2025, China’s National Intellectual Property Administration (CNIPA) released the Notice of the State Intellectual Property Office on deepening the “Blue Sky” campaign to strengthen the comprehensive governance of the intellectual property agency industry (国家知识产权局关于深入开展“蓝天”行动 强化知识产权代理行业综合治理的通知). The Blue Sky Campaign is somewhat similar to but more comprehensive than the USPTO’s recent launch of the Patent Fraud Detection and Mitigation Working Group. The Notice states that CNIPA will regulate agency behavior by 1. rectifying the behavior of patent agents that file “abnormal” patent applications including potential referral for criminal prosecution; 2. cracking down on unqualified patent agents; 3. crack down on illegal or irregular behavior of trademark agents; 4. strictly regulate solicitations; 5. rectify IP firms that do not complete licensing requirements; and 6. stop patent agents from renting their patent bar registrations. Further, CNIPA will aim to improve patent agent quality, improve the supervision of the IP firm industry, and increase IP publicity and education.
A translation follows. The original text is available here (Chinese only).
To the Intellectual Property Offices of all provinces, autonomous regions, municipalities directly under the Central Government and the Xinjiang Production and Construction Corps, and all relevant local centers; all departments of the National Intellectual Property Office, all departments of the Patent Office, the Trademark Office, other directly affiliated units of the Office, and all social organizations:
2025 is the final year for the implementation of the “14th Five-Year Plan for National Intellectual Property Protection and Utilization” and the year for the three-year special action on patent transformation and utilization. In order to strengthen the comprehensive governance of the intellectual property agency industry, improve the supervision system, improve the quality of agencies, and strongly support the work of patent transformation and utilization and intellectual property protection, the National Intellectual Property Administration has decided to continue the “Blue Sky” special rectification action in the intellectual property agency industry in 2025. The relevant matters are hereby notified as follows.
1. Regulate agency behavior and maintain industry order
(I) Concentrate on rectifying the behavior of acting as an agent for abnormal patent applications. A number of cases of acting as an agent for abnormal patent applications will be investigated and dealt with in a concentrated manner to form a high-pressure situation for centralized rectification. Intellectual property management departments in various places should adopt comprehensive measures and implement classified rectification by using various measures such as key inspections, warning talks, talks for rectification, warnings and fines, credit deductions, and self-discipline punishments according to the circumstances; if the circumstances are particularly serious, they should be reported to the National Intellectual Property Administration for handling in a timely manner. It is necessary to strengthen the connection between law enforcement and execution, and those suspected of crimes should be transferred to relevant departments in a timely manner for criminal prosecution. It is necessary to strictly implement the “double supervision” of institutions and personnel.
(II) Severe crackdowns on unqualified patent agents. Those who have a large amount of illegal income, act as agents for abnormal patent applications, deliberately transfer or destroy evidence, or refuse to cooperate with the investigation shall be fined a high multiple or the maximum amount in accordance with the law. At the same time, patent agencies that rent or lend their qualifications shall also be punished.
(III) Severely crack down on illegal and irregular behaviors of trademark agents. Intellectual property management departments in all regions should work with relevant departments to increase the coordination of supervision and law enforcement, and focus on cracking down on behaviors such as malicious preemptive registration of trademarks, hoarding of trademarks, application for registration of trademarks with major adverse effects, and malicious “three withdrawals” [cancellation requests of trademarks for non-use after three consecutive years].
(IV) Strictly regulate the solicitation of patent and trademark agency business. Intellectual property management departments in all regions should increase the intensity of Internet information monitoring, continue to monitor agency business solicitation information and collect evidence of illegal and irregular behaviors. For irregular solicitation of agency business, relevant institutions should be promptly ordered to make rectification within a time limit; for search engines, e-commerce platforms, forums and other Internet platform companies that publish agency business solicitation information, they should be urged to improve their internal screening management system, actively regulate the display content, and promptly shut down illegal agency shops and delete illegal information links.
(V) Strengthen rectification efforts for institutions that do not meet the licensing and filing conditions. Local intellectual property management departments should strengthen daily supervision and filing management of patent agencies and their branches. For patent agencies that do not meet the licensing conditions for a long time, urge them to promptly and properly handle the unfinished business and submit it to the National Intellectual Property Administration for handling.
(VI) Organize a cleanup of patent agents’ “hanging certificates” behavior [renting out patent bar registration numbers]. Organize a comprehensive investigation of patent agents suspected of “hanging certificates”. If patent agencies arbitrarily sign in the name of “hanging certificate” personnel to handle abnormal patent applications, local intellectual property management departments must severely handle them in accordance with laws and regulations.
2. Supply and demand are mutually driven to improve agent quality
(I) Strengthen policy guidance. Local intellectual property management departments should guide relevant units to adjust and improve internal management systems and relevant incentive policies in conjunction with special actions on patent transformation and utilization, and effectively avoid new abnormal patent applications.
(II) Standardize bidding behavior. Local intellectual property management departments should work with government procurement authorities to vigorously promote the “Patent and Trademark Agency Service Government Procurement Demand Standards (Trial)” and the model text of agency engagement contracts, carry out extensive and in-depth publicity activities, and promote state-owned enterprises, institutions, intellectual property power building demonstration units, listed companies, large private enterprises and other innovative entities to refer to and use them, and effectively improve the level of agency procurement and management. It is necessary to guide innovative entities to establish and improve a hierarchical and classified management mechanism for intellectual property agency services, and promote the realization of “high quality and high price” for agency services.
(III) Improve service capabilities. Intellectual property management departments in various regions should supervise and guide patent agencies to improve their internal management systems, improve service quality control mechanisms, implement the patent agent signature responsibility system, and improve their business capabilities such as patent writing, search and analysis, and technical understanding. Guide agencies to strengthen the compliance application of new technologies and improve their professional, digital, and intelligent levels. Encourage patent agencies to establish a service concept oriented towards promoting the industrialization of patents, expand service areas, innovate service models, and provide integrated patent transformation and application solutions. Relying on intellectual property service industry clusters, intellectual property service export bases, etc., we will increase the cultivation of foreign-related intellectual property service agencies, encourage them to conduct business abroad through the establishment of branches and joint operations, and provide high-quality and efficient intellectual property services for overseas enterprises.
III. Improve the working mechanism and strengthen the supervision system
(I) Deepen credit supervision. Intellectual property management departments in various regions should strictly implement the regulations on patent agency credit evaluation management, ensure that credit information is “fully returned” and credit evaluation is “fully evaluated”; strengthen the use of credit evaluation results, refine and improve the local incentives for credit keeping and restrictions on credit breaking, and promote the realization of “one place of credit breaking, restrictions everywhere”. Pilot areas for trademark agency credit evaluation management should organize pilot work in a solid manner, strengthen training and guidance for municipal and county intellectual property management departments, increase publicity and public disclosure of credit results information, and ensure that the pilot work achieves practical results.
(II) Strengthen coordinated supervision. Intellectual property management departments in various regions should further improve the cross-departmental coordination mechanism, and work with relevant departments to carry out joint inspections and joint law enforcement of intellectual property agencies. Continue to improve the cross-regional coordinated supervision mechanism, strengthen information exchange, experience sharing, supervision interaction, and mutual recognition of evaluation, and smooth the working mechanisms such as cross-provincial cooperation, law enforcement assistance, and case transfer. Encourage and support cross-regional exchanges and cooperation in intellectual property agency supervision, and continue to consolidate the national “one chessboard” working situation [Xi Jinping Thought: centralized, coordinated, and strategic governance, emphasizing a holistic view where all parts work together towards a unified national goal]. Strengthen cooperation and coordination with the Intellectual Property Protection Center, promptly inform the Intellectual Property Protection Center of information such as penalties and breach of trust of agencies, and promptly collect clues of illegal and irregular agency behaviors found in patent pre-examination business and deal with them in a coordinated manner.
(III) Innovate supervision methods. Intellectual property management departments in various regions should strengthen smart supervision, make full use of new technologies and tools such as artificial intelligence, collect various information on agencies and practitioners, build a multi-dimensional evaluation system, establish and improve the quality monitoring mechanism of agencies, and promote the transformation of the supervision model from “passive response” to “active prevention” based on “catching problems early and catching small problems”. We should continue to strengthen the publicity of information on agencies and practitioners, facilitate the public to inquire and compare, and promote the realization of the survival of the fittest in the market. We encourage the exploration of the filing of patent agency engagement contracts and other work, actively adopt non-site supervision methods such as remote inspection, and promote the realization of “ubiquitous and non-intrusive” supervision.
(IV) Enhance supervision capabilities. Local intellectual property management departments should organize rotation training for front-line agency supervision case handlers, accelerate the establishment of a database of key case handlers and consulting experts, and consolidate the talent base and professional support for agency supervision and law enforcement. Localities are encouraged to actively promote patent agency entrusted supervision, entrust the supervision functions of provincial patent agencies to the municipal level(districts under the jurisdiction of municipalities directly under the central government), and strengthen grassroots supervision. Localities are encouraged to establish and improve the intellectual property agency supervision regulations and systems, and formulate and issue the administrative penalty discretion benchmarks for intellectual property agencies in their regions in accordance with the law.
IV. Strengthen publicity and education to create a favorable atmosphere
(I) Increase publicity and guidance efforts. Intellectual property management departments in various regions should adhere to the principle of giving equal importance to supervision and law enforcement and publicity and education, and combine various activities such as the “National Intellectual Property Publicity Week”, “Intellectual Property Service Tour”, and “China Brand Day” to strengthen the publicity and implementation of laws and regulations related to intellectual property agency, tell good “industry stories”, and actively publicize the important role of the intellectual property agency industry in serving technological innovation and trademark brand building, promoting the development of new quality productivity, and promoting high-level opening up, so as to enhance the positive image of the industry. Encourage local governments to organize intellectual property agency professional skills competitions, intellectual property agency campus special recruitment and other activities according to local conditions to increase the attractiveness of the agency industry to high-quality talents. Encourage local governments to innovate publicity methods, expand publicity channels, release publicity films for the intellectual property agency industry and short videos of special rectification actions, create a good public opinion atmosphere for combating illegal agency behaviors, and guide the public to improve their identification ability and actively choose high-quality agency services.
(II) Create a good industry atmosphere. Intellectual property management departments in various regions should increase the exposure of warning cases of intellectual property agency, explain the law through cases, popularize the law through cases, and guide agencies to operate in accordance with the law and in good faith. Together with industry organizations, they should carry out self-discipline initiatives and industry style building activities for standardized operations, vigorously promote the list of prohibited practices for patent and trademark agency, and guide agencies to consciously accept social supervision. Organize and carry out professional ethics and professional discipline education for patent agents and trademark agents, strengthen education and training for newly established agencies and first-time practicing patent agents, and continuously enhance practitioners’ sense of responsibility and sense of professional honor.
The National Intellectual Property Administration will continue to strengthen supervision and guidance on the agency supervision work of local intellectual property management departments, organize exchanges and discussions, cross-regional joint supervision and other promotion activities, and regularly report progress and useful experiences.
Cyberspace Administration of China Cracks Down on Improper Use of Minors’ Images
Since the beginning of 2025, the Cyberspace Administration Authority (“Authority”) has continued to strengthen the protection of minors on the Internet and clean up illegal and undesirable information that uses the images of minors, as well as removing non-compliant accounts.
The Authority has requested that platform operators increase their efforts to identify and combat signs of violations and rigorously examine the content of information involving minors posted on their platform. The Authority has taken measures that include banning accounts and canceling profit-making privileges for accounts, shutting down more than 11,000 accounts on the basis of legal violations.
Regulation Round Up: April 2025
Welcome to the UK Regulation Round Up, a regular bulletin highlighting the latest developments in UK and EU financial services regulation.
Key Developments in April 2025:
29 April
ESG: The FCA updated its webpage on its consultation paper on extending the sustainability disclosure requirements (“SDR”) and investment labelling regime to portfolio managers (CP24/8). In the light of feedback received, it has decided that it is not the right time to finalise rules on extending the regime to portfolio managers.
Cryptoassets: The European Securities and Markets Authority (“ESMA”) published its final report on guidelines relating to supervisory practices for national competent authorities to prevent and detect market abuse under Article 92(2) of the Regulation on markets in cryptoassets ((EU) 2023/1114).
24 April
Regulatory Capital: The FCA has published a consultation paper on the definition of capital for investment firms (CP25/10). CP25/10 outlines the FCA’s proposals to simplify and consolidate the rules as they relate regulatory capital.
17 April
Listing Regime: The FCA has published Primary Market Bulletin No 55 which addresses proposed changes to the listing regime.
16 April
ESG: The Omnibus I Directive (EU) 2025/794 amending Directives (EU) 2022/2464 and (EU) 2024/1760 as regards the dates from which member states are to apply certain corporate sustainability reporting and due diligence requirements was published in the Official Journal of the European Union. Please refer to our dedicated article on this topic here.
15 April
AIFMD 2.0: ESMA has published final reports setting out the final guidelines and draft technical standards on liquidity management tools under the Directive amending the Alternative Investment Fund Managers Directive (2011/61/EU) (“AIFMD”) and the UCITS Directive (2009/65/EC) ((EU) 2024/927) (“AIFMD 2.0”). Please refer to our dedicated article on this topic here.
14 April
Regulatory Initiatives Grid: The Forum members (the Bank of England, the Prudential Regulatory Authority, the FCA, the Payment Systems Regulator, the Competition and Markets Authority, the Information Commissioner’s Office, the Pensions Regulator, and the Financial Reporting Council) published a joint regulatory initiatives grid relevant to the financial services sector.
11 April
FCA Regulatory Perimeter: HM Treasury has published a policy paper containing a record of the meeting between the Economic Secretary to the Treasury and the Chief Executive of the FCA. The purpose of the meeting was to discuss the FCA’s perimeter and the issues set out in its December 2024 report.
Trading Platforms: The FCA has published a webpage summarising the findings from its multi-firm review of trading apps (also more commonly known as “neo-brokers”).
10 April
ESG: ESMA has published a risk analysis report on the increased incorporation of ESG terms into fund names and its impact on investment flows.
MiFID II: ESMA has published a final report on regulatory technical standards supplementing the Markets in Financial Instruments (“MiFID II”) Directive (2014/65/EU) to specify the criteria for establishing and assessing the effectiveness of investment firms’ order execution policies.
9 April
Artificial Intelligence: The Financial Policy Committee published a report on artificial intelligence in the financial system.
ESG: ESMA has published a final report setting out its analysis and conclusions on a common supervisory action exercise conducted with the national competent authorities on ESG disclosures under the Benchmarks Regulation ((EU) 2016/1011).
8 April
MiFID II: ESMA has published a final report containing technical advice to the European Commission on amendments to the research provisions in the MiFID II Directive in the context of changes introduced by the Listing Act (ESMA35-335435667-6290).
FCA Strategy: The FCA has published it annual work programme for 2025/26, which sets out how it will deliver its four strategic priorities (to be a smarter regulator that is more efficient and effective, supporting growth, helping consumers navigate their financial lives and fighting financial crime).
7 April
UK AIFMD: The FCA has published a call for input and HM Treasury has published a consultation on the future regulation of alternative investment fund managers. Please refer to our dedicated article on this topic here.
3 April
ESG: The European Parliament plenary session formally adopted at first reading the stop-the-clock proposal for a Directive amending Directives (EU) 2022/2464 and (EU) 2024/1860 with respect to the dates from which member states are expected to align to corporate sustainability reporting and due diligence requirements.
ESG: The FCA has published a summary of the feedback it has received in relation to its discussion paper on finance for positive sustainable change (DP23/1) together with its response and next steps. Please refer to our dedicated article on this topic here.
1 April
Short Selling: The FCA published an updated version of its webpage on the notification and disclosure of net short positions.
Motor Finance: The FCA has published its written submissions to the Supreme Court in the appeal of the Court of Appeal decision in Johnson v FirstRand Bank Ltd (London Branch) t/a Motonovo Finance [2024] EWCA Civ 1282.
ESG: The EU Platform on Sustainable Finance has published a report on its first review of the Taxonomy Climate Delegated Act and the development of technical screening criteria for a list of new economic activities.
Additional Authors: Sulaiman Malik and Michael Singh
Canada Implements Temporary Employment Insurance Measures Responsive to Economic Impacts of Trade War
Quick Hits
The Canadian government has amended the Employment Insurance Act to temporarily suspend certain repayment rules for severance payments due to job separations occurring between March 30, 2025, and October 11, 2025.
Employees who receive both severance pay and employment insurance benefits during the specified period will not have to repay their employment insurance benefits.
Repayment obligations for employment insurance can still apply to terminations before March 30, 2025, even if severance payments are made after that date.
Of particular interest to employers and employees, the temporary measures suspend certain rules relating to monies paid because of a temporary or permanent separation from employment. These temporary rules will apply to any monies paid as a result of a separation of employment that occurs between March 30, 2025, and October 11, 2025.
The temporary measures outline that severance payments made because of a separation between these dates will no longer trigger repayment obligations where an individual receives both severance pay and employment insurance benefits. Previously, an employee who had received employment insurance payments and later received severance payments would have a repayment obligation. A similar suspension of repayment obligations was implemented in response to the deleterious effects of COVID-19.
Employment insurance repayment obligations can still apply to any termination of employment that occurred before March 30, 2025, even if payments are made after that date.
These changes will certainly be relevant in assessing severance packages and termination settlements, but for the time period outlined above, it appears that employees will be able to keep both employment insurance benefits and termination pay.
UK’s Collective Licensing Initiative Aims to Harmonize AI and Copyright Law
In a significant move to address the tension between copyright and generative artificial intelligence (AI), the UK’s Copyright Licensing Agency (CLA), Authors’ Licensing and Collecting Society (ALCS), and Publishers’ Licensing Services (PLS) have announced plans to launch a collective licensing framework for AI training. The opt-in license would allow AI developers to use text-based published works—such as books, journals, and magazines—for training, fine-tuning, and retrieval-augmented generation (RAG) while ensuring that creators are compensated. The license is expected to roll out in Q3 2025, following further consultation with publishers.
The UK government’s consultation “Copyright and Artificial Intelligence” acknowledged that current UK copyright law leaves both rights holders and AI developers navigating uncertainty. It proposed two main solutions: (1) strengthened rights reservation mechanisms and (2) a fallback copyright exception for AI training where rights were not reserved. However, rights holders strongly opposed a “catch-all” exception, arguing it would erode transparency and remuneration. Their opposition helped catalyze the development of this licensing framework as a market-based alternative.
The framework is being built collaboratively by CLA, ALCS (representing authors), and PLS (representing publishers). CLA—already the UK’s recognized collective management organization for text content—would administer the license, collecting and distributing fees to right holders after operational costs. It would cover a broad range of text-based published works under CLA’s mandate, streamlining permissions for AI developers where individual negotiations would be impractical. Rights holders would affirmatively opt in by registering works, while unregistered works would remain outside the license’s scope. This would apparently avoid the “opt-out” burden creators criticized in the government’s exception proposal, instead requiring affirmative consent to participate.
Importantly, the proposed collective license is intended to complement, not replace, direct bespoke licensing deals between large publishers or rights holders and AI firms. It provides an accessible fallback particularly for smaller creators and independent publishers who may otherwise struggle to negotiate individually.
An initial phase of publisher consultation has already concluded, with a second round scheduled for later in 2025. The framework’s rollout will follow the launch of related TDM and workplace-use licenses slated to commence on May 1, 2025. Exact compensation models are still under negotiation but will aim to balance affordability for AI developers against fair, sustainable remuneration for creators. License fees collected will be allocated among ALCS and PLS members based on established distribution rules.
The framework is accompanied by the development of a national rights reservation registry, intended to facilitate machine-readable licensing metadata and help signal licensing preferences at scale. Licensees would also be subject to robust transparency requirements, including reporting on the works used, methods of content acquisition, and downstream uses, with the ultimate goal of reinforcing trust between the creative industries and AI developers.
Although UK-focused, the licensing framework is being designed with international interoperability in mind, offering access to licensed content to AI developers worldwide, including US-based firms. If successful, it could serve as a model for future cross-border AI licensing solutions.
The UK’s proposed collective licensing framework represents a pragmatic approach to reconciling the needs of AI innovation with the requirements of copyright law. While the implementation process is likely to raise novel challenges, the initiative is designed to provide voluntary, transparent, and scalable alternative to statutory exceptions in the UK; protecting the economic interests of creators while enabling responsible AI development. If successful, it may offer valuable insights for other jurisdictions seeking to balance technological advancement with the protection of creative rights.
Listen to this post
Not What You Think: Some Trump Tariffs Exempt Your Goods from Other Trump Tariffs
Some importers are finding, to their surprise, that the Trump Administration’s 25% tariffs on aluminum and steel create an exemption from the 125% tariffs on Chinese goods.
The Trump tariff agenda has been complex, to say the least. But as with any complex system, it is important to pay attention to the details.
The detail we focus on today is that goods subject to the 25% Section 232 steel and aluminum tariffs, regardless of the steel and aluminum content, are exempt from the “reciprocal” tariffs imposed under the International Emergency Economic Powers Act (IEEPA). For imports from most countries, this is a bad thing (since the IEEPA tariff is currently 10% for most countries, so the 25% Section 232 tariff is much worse). But for goods from China (which are subject to a 125% reciprocal tariff), the 25% steel and aluminum tariffs are actually a relief.
This outcome is unlike most of the other Trump Administration tariff programs, which may be additive with one another in certain circumstances. Here is the rare case where it may be beneficial to have two tariffs that could potentially apply to your goods.
Here is how it breaks down:
The original reciprocal tariff order exempted Section 232 goods. These tariffs were issued by Executive Order (EO) 14257 on April 2, 2025. The reciprocal tariff EO contained the following provisions:
Goods from virtually all countries were subject to a “reciprocal” tariff at what was referred to as the “baseline” tariff rate of 10% ad valorem (i.e., 10% of the declared value of the goods).
Among other exemptions, articles subject to the Section 232 steel and aluminum tariffs were exempt from the 10% baseline rate. Sec. 3(b) of the EO states that “the following goods as set forth in Annex II to this order, consistent with law, shall not be subject to the ad valorem rates of duty under this order: . . . (ii) all articles and derivatives of steel and aluminum subject to the duties imposed pursuant to section 232 [as amended].”
The baseline tariffs were intended to be raised to higher levels on a country-specific basis (as listed in Annex I of the order) on April 9, 2025.
President Trump’s April 9, 2025 “pause” order maintained 10% reciprocal tariffs on most countries, but imposed a 125% reciprocal tariff on Chinse goods. The order left untouched the critical provision exempting Section 232 goods from all reciprocal tariffs.
Guidance issued by U.S. Customs and Border Protection (CBP) on April 4 and modified on April 9, 2025 clarifies that the Section 232 goods remain exempt from the reciprocal tariffs. The guidance provides as follows:
EXCEPTIONS:
“Until further notice, for all imported merchandise that is entered for consumption [after certain effective dates], then one of the following HTSUS secondary classifications must be declared, to specify the particular exception pursuant to which the reciprocal tariff in heading 9903.01.25 [the 10% tariff] or 9903.01.43 – 9903.01.76 [the country-specific tariffs] does not apply to the imported articles that are excluded from the additional ad valorem duties:…”
One of the exceptions is goods that fall under HTS “9903.01.33: Articles of iron or steel, derivative articles of iron or steel . . . of any country, subject to Section 232 actions.”
Further CBP guidance issued on April 10, 2025 provided additional clarity exempting Section 232 steel and aluminum articles from the 125% China reciprocal tariff. It states:
“GUIDANCE: Imported products of China. . . other than those that fall within the identified exceptions included in [the April 9, 2025 guidance], entered for consumption, or withdrawn from warehouse for consumption [after effective date], are subject to the following HTSUS classification and additional ad valorem duty rate: 9903.01.63: Articles the product of China, including products of Hong Kong and Macau, will be assessed an additional ad valorem rate of duty of 125%.”
HTS 9903.01.33 falls under an identified exception in the April 9, 2025 guidance.
CBP FAQs issued on April 28, 2025 further clarify that goods subject to the 25% Section 232 steel and aluminum tariffs, regardless of the steel and aluminum content, are wholly exempt from the 125% tariff currently applied to imports from China.
Are importers expected to pay the reciprocal tariff on the value not declared as the steel content – and how would that be determined? Would the importer need to report an additional line for the non-steel value that may be subject to the reciprocal tariffs?
No, articles and derivatives of steel and aluminum subject to Section 232 duties are excluded from the reciprocal tariffs; pursuant to heading 9903.01.33, HTSUS. Refer to 90 FR 15041 (Apr. 7, 2025) and CSMS # 64680374 and # 64701128.
In looking at Annex III examples below, is the interpretation correct that the entire value is exempt from reciprocal tariffs and the country rate would not apply regardless of the iron, steel or aluminum content (as applicable in the derivative product)?
Examples:
(vii) The additional duties imposed by headings 9903.01.25, 9903.01.35, 9903.01.39, and 9903.01.43-9903.01.77 shall not apply to derivative iron or steel products provided for in headings 9903.81.89, 9903.81.90, 9903.81.91, 9903.81.92 and 9903.81.93.
(ix) The additional duties imposed by headings 9903.01.25, 9903.01.35, 9903.01.39, and 9903.01.43-9903.01.77 shall not apply to derivative aluminum products provided for in headings 9903.85.04, 9903.85.07, 9903.85.08 and 9903.85.09
Correct, in the scenarios above, the entire value is exempt from the reciprocal tariffs.
Taken together, the Executive Orders and related CBP guidance establish that if an article from China is subject to the 25% steel and aluminum tariff, it is exempt from the 125% reciprocal tariff for articles from China.
Moreover, depending on the type of article, the 25% Section 232 steel and aluminum tariff will either apply to the entire value of the article or only to its steel or aluminum content. We described how the Section 232 steel and aluminum tariffs apply in previous blog post. This means that in most cases the 25% tariff will only apply to the value of the steel or aluminum content, and not to the entire value of the good.
We note that other tariffs still apply (and apply to the whole value of the imported good). For example, all goods of China are still subject to the 20% tariff imposed March 3, 2025 related to the Fentanyl economic emergency. Additionally, there are tariffs on certain steel products from China under Section 301.
One further twist is what to do when the imported article is identified on the Section 232 steel and aluminum tariff order (by Harmonized Tariff number) but actually contains no steel or aluminum. Would those goods be exempt from the reciprocal tariff? That depends on what the term “regardless of the iron, steel or aluminum content”in the CBP FAQ means. On its face, “regardless” could be taken to mean that the article could contain zero percent iron or steel. If that article is nonetheless listed in the Section 232 order, and also is a product of China, some importers are taking the position that such an article is exempt from the China reciprocal tariff and also draws zero Section 232 duty (because the 232 duty applies only to the steel or aluminum content). The risk here is whether CBP might consider the article with zero aluminum or steel not to be “subject” to the 232 duty, even though it is listed in the Section 232 order.
We also note that importers always bear the duty of “reasonable care” in declaring the correct classification, value, origin, tariff program applicability, and all other aspects of the importation, under penalty of law. Therefore, it is crucial to ensure accuracy in these matters.
Listen to this post
ESG in 2025: Finding the Sweet Spot in a Complex World
With ESG regulation now well embedded across all major jurisdictions, the trend we see for 2025 is about increasingly sophisticated triangulation by private fund managers between the regimes that apply by default (such as mandatory corporate sustainability reporting), those that apply by choice (such as becoming an Article 8 fund within the meaning of the EU’s SFDR or the new for 2024 ESMA ESG Fund Name Guidelines – see summary here) and those that apply by third party request or expectation (such as reporting obligations within side letters). As regimes evolve, the ESG-approach of any fund once identified, chosen and defined must also take into account tracking developments and monitoring compliance.
The best advice to counter claims and penalties for greenwashing remains to “say what you do and do what you say” (as the SEC has advised). This, however, requires a manager to have a full record of what was said (including in historic side letters) and done (in policies and processes, both current and historic) and to appreciate what that means in the eyes of all relevant regulators and the eyes of investors. To support this, we often recommend that managers have a tailored definitions and concepts bank to ensure compliance across all relevant jurisdictions and an in-house understanding of what, for example, “sustainability” means for them.
Greenwashing has recently come to the fore with several high-profile targeted regulatory enforcement claims and actions, including Aviva Investments which was fined in Luxembourg – see blog here. This is noteworthy because it is the first penalty under SFDR imposed by the Luxembourg Commission de Surveillance du Secteur Financier (the CSSF) with Luxembourg continuing to be a very popular location for EU fund formation. Other asset managers are finding themselves the subject of campaigns by the third sector, for example by ClientEarth, designed to capture the focus of local regulators, with the French regulator, the Autorité des marchés financiers (the AMF), being a target as it positions itself as a thought leader in the EU, including in ESG matters.
The counter temptation – to greenhush (or play down ESG credentials) – may therefore seem appealing, as ESG strategies in investment decision-making become increasingly divisive, especially in certain US jurisdictions. Alongside this, the market has grown more sophisticated in its expectations and analysis of ESG disclosures and commitments. However, it is not always an option to greenhush when advisers or investments fall within scope of mandatory corporate sustainability reporting or sustainable finance requirements. One example is the Corporate Sustainability Reporting Directive, which if in scope is a complex disclosure exercise that can attract penalties for non-compliance at Member State level – including in some cases holding individual board members liable.
While the reports of the death of ESG in the US have been greatly exaggerated, as Mark Twain might say, 2025 may well be the year in which we see increased divergence between the EU, UK and US approaches. In the US, on one hand, the dedicated ESG task force within the SEC has been disbanded, but only because the topic is now largely embedded as core within the SEC divisions so that advisers should still expect to see ESG-related disclosures as a key examination topic, and several Blue State pension funds are honing in on increased ESG-related investment criteria. On the other hand, the predicted approach of the new Republican administration could be to follow President Trump’s lead, or he has previously described ESG investing as ‘radical left garbage’. A recent finding by a Texas federal court that an American Airlines 401(k) plan breached its duty of loyalty to investors by offering ESG investments – even if participants weren’t required to invest in such investments, appears to endorse this sentiment. Conversely in the UK, Chancellor Rachel Reeves, has committed to “sustainable finance” as one of the UK’s five priorities for the country Financial Services Growth and Competitiveness Strategy. In the EU, there is further divergence of approach with momentum to deepen sustainable finance disclosures under a SFDR 2.0, yet also calls from EU leaders to streamline sustainability requirements on financial market participants and businesses more broadly.
Private fund managers operating on an international level need to assess and understand their position in this global, interlocking and overlapping – and occasionally conflicting – web of rules and politics. With advisers, LPs, the fund vehicles and portfolio companies hailing from many different jurisdictions, this assessment is not necessarily simple or available off the shelf. However, a tailored and suitable assessment of risk, and appropriate use of ESG approaches can reap significant rewards in mitigating downsides and attracting investment.
Additional Authors: Seetha Ramachandran, Robert Sutton, Jonathan M. Weiss, William D. Dalsen, Rachel Lowe, Adam L. Deming, Adam Farbiarz and Hena M. Vora
EU Commission Consultation on ETS Expansion – Municipal Waste Incineration Among Areas of Consideration
On April 14, 2025, the European Commission launched a 12-week public consultation, inviting stakeholders to provide input on potential revisions to the Directive 2003/87/EC (EU ETS Directive). This consultation is a key step towards a comprehensive overhaul of the EU ETS framework, which is scheduled for revision in the third quarter of 2026.
The Commission has set a deadline of July 8, 2025, for stakeholders to submit their feedback.
This consultation is part of a broader impact assessment, which will evaluate the effectiveness, efficiency, relevance, and coherence of the EU ETS, as well as its EU added value in reducing greenhouse gas emissions. It also addresses the functioning of the Market Stability Reserve, which plays a crucial role in managing the supply-demand balance within the ETS.
The Commission’s consultation focuses on several key areas under review, including aviation and maritime emissions, carbon leakage, carbon removals, and, notably, the potential inclusion of municipal waste incineration within the ETS. These topics represent significant potential changes for industries subject to ETS regulations.
Municipal Waste Incineration
One of the most significant and contentious elements of the consultation is the potential inclusion of municipal waste incineration within the ETS. Under Article 30 of the EU ETS Directive, the Commission is required to present a report by July 31, 2026, assessing the feasibility of including waste incineration plants in the ETS starting from 2028. In this context, the Commission will also evaluate the potential inclusion of additional waste management processes within the scope of the EU ETS, specifically focusing on landfilling, which contributes to methane and nitrous oxide emissions. Such an assessment will consider the alignment with the established waste hierarchy.
This proposal has raised concerns within the waste industry, particularly in France, where several national federations, including Fnade, have voiced opposition. These stakeholders argue that the ETS is not suited for waste-to-energy facilities and other waste treatment operations, which they believe serve a public sanitation function. Unlike traditional energy producers, incineration plants cannot choose the waste they process, making it difficult to reduce direct greenhouse gas emissions. These concerns underscore the potential challenges of incorporating waste incineration into the ETS framework.
Implications for Industry Stakeholders
Since the forthcoming proposed changes could have far-reaching implications for various industries, it is critical for stakeholders, particularly those in the waste and energy sectors, to actively participate in the consultation. The potential inclusion of waste incineration in the EU ETS, in particular, is a matter of significant concern for companies operating in the waste-to-energy and waste treatment sectors. For businesses involved in these industries, it is essential to consider how these changes might impact their operations, compliance obligations, and overall environmental strategy.
At this stage, the consultation offers an opportunity to shape the future of the EU ETS framework before any final decisions are made. Stakeholders should assess the potential impact of these changes on their business and provide constructive feedback to the Commission. Furthermore, those wishing to propose amendments or seek representation during the public consultation phase should consider engaging counsel with expertise in these matters. We can provide this assistance and help ensure that your interests are effectively represented.
China Releases Status of Intellectual Property Protection in China Customs in 2024
On April 23, 2025, China’s General Administration of Customs released Status of Intellectual Property Protection in China Customs in 2024 (2024年中国海关知识产权保护状况) providing statistics on the detainment of good (both import and export) for infringing intellectual property rights. A total of 53,200 intellectual property protection measures were implemented throughout 2024, and 41,600 batches and 81,605,100 items of suspected infringing goods were actually detained, representing a plateau in growth.
Suspected Infringing Goods Detained by China Customs
Other data points include:
a total of 29,541 intellectual property customs protection filing applications were accepted throughout the year, and the total number of filing applications accepted for the first time was close to 30,000. 21,614 filing applications were reviewed and approved, of which 16,034 were filed by domestic right holders, an increase of 24.19% year-on-year.
Customs detained 41,300 batches and 76,390,100 pieces of goods suspected of infringing trademark rights, accounting for 99.5% and 93.57% of the batches and quantities of suspected infringing goods, respectively.
a total of 249,000 pieces and 4,995,900 pieces of goods suspected of infringing patent rights and copyrights were detained, an increase of 71.33% and 393.61% year-on-year, respectively.
Customs detained 41,200 batches and 80,333,700 pieces of suspected infringing goods at the export stage, accounting for 99.17% and 98.41% of all detained batches and pieces respectively; 345 batches and 1,301,500 pieces of suspected infringing goods were detained at the import stage, down 34.16% and 26.52% year-on-year respectively.
clothing, shoes and hats, electronic appliances, leather goods and bags still occupy the top three batches detained, with 21,600 batches, 5,500 batches and 4,800 batches respectively. In terms of detained quantity, electronic appliances, sports equipment, tobacco products and other goods occupy the top three, with 27.9661 million pieces, 11.0748 million pieces and 4.4631 million pieces respectively.
The full text is available here (Chinese only).