On July 12, 2024, the European Union published the language of its much-anticipated Artificial Intelligence Act (AI Act), which is the world’s first comprehensive legislation regulating the growing use of artificial intelligence (AI), including by employers.
Quick Hits
EU published the final AI Act, setting it into force on August 1, 2024.
The legislation treats employers’ use of AI in the workplace as potentially high-risk and imposes obligations for their use and potential penalties for violations.
The legislation will be incrementally implemented over the next three years.
The AI Act will “enter into force” on August 1, 2024 (or twenty days from the July 12, 2024, publication date). The legislation’s publication follows its adoption by the EU Parliament in March 2024 and approval by the EU Council in May 2024.
The groundbreaking AI legislation takes a risk-based approach that will subject AI applications to four different levels of increasing regulation: (1) “unacceptable risk,” which are banned; (2) “high risk”; (3) “limited risk”; and (4) “minimal risk.”
While it does not exclusively apply to employers, the law treats employers’ use of AI technologies in the workplace as potentially “high risk.” Violations of the law could result in hefty penalties.
Key Dates
The publication commences the timeline of implementation over the next three years, as well as outline when we should expect to see more guidance on how it will be applied. The most critical dates for employers are:
August 1, 2024 – The AI Act will enter into force.
February 2, 2025 – (Six months from the date of entry into force) – Provisions on banned AI systems will take effect, meaning use of such systems must be discontinued by that time.
May 2, 2025 – (Nine months from the date of entry into force) – “Codes of practice” should be ready, giving providers of general purpose AI systems further clarity on obligations under the AI Act, which could possibly offer some insight to employers.
August 2, 2025 – (Twelve months from the date of entry into force) – Provisions on notifying authorities, general-purpose AI models, governance, confidentiality, and most penalties will take effect.
February 2, 2025 – (Eighteen months from the date of entry into force) – Guidelines should be available specifying how to comply with the provisions on high-risk AI systems, including practical examples of high-risk versus not high-risk systems.
August 2, 2026 – (Twenty-four months from the date of entry into force) – The remainder of the legislation will take effect, except for a minor provision regarding specific types of high-risk AI systems that will go into effect on August 1, 2027, a year later.
Next Steps
Adopting the EU AI Act will set consistent standards across the EU nations. Further, the legislation is significant in that it is likely to serve as a framework for AI laws or regulations in other jurisdictions, similar to how the EU’s General Data Protection Regulation (GDPR) has served as a model in the area of data privacy.
In the United States, regulation of AI and automated decision-making systems has been a priority, particularly when the tools are used to make employment decisions. In October 2023, the Biden administration issued an executive order requiring federal agencies to balance the benefits of AI with legal risks. Several federal agencies have since updated guidance concerning the use of AI and several states and cities have been considering legislation or regulations.
The Buy American Act was originally passed by Congress in 1933 and has undergone numerous changes across several presidential administrations. While the core of the Act has essentially remained the same, requiring the U.S. government to purchase goods produced in the U.S. in certain circumstances, the domestic preference requirements have changed over the years. While the Buy American Act applies to direct government purchases, the separate (but similarly named) Buy America Act passed in 1982 imposes similar U.S. content requirements for certain federally funded infrastructure projects. Generally, the Buy American Act’s “produced in the U.S.” requirement ensures that federal government purchases of goods valued at more than $10,000 are 100% manufactured in the U.S. with a set percentage of the cost of components coming from the U.S. As of 2024, that set percentage has been increased to 65%. Therefore, the cost of domestic components must be at least 65% of the total cost of components to comply with the rule. Under the existing rules, the threshold will increase to 75% in 2029. These planned changes are consistent with the trend of increasing preferences for domestic goods over time (a trend that has continued across administrations from both sides of the political spectrum).
Unsurprisingly, protectionist policies favoring American production can produce similar protectionist measures enacted by foreign countries. The European Union’s (EU) European Green Deal Industrial Plan (sometimes referred to as the Buy European Act), which includes the Critical Raw Materials Act (CRMA) and the Net-Zero Industry Act (NZIA), were both formally adopted within the last few months. The NZIA, which was agreed upon in February, is aimed at the manufacture of clean technologies in Europe and sets two benchmarks for such manufacturing in the EU: (1) that 40% of the production needed to cover the EU will be domestic by 2030; and (2) that the EU’s production will account for at least 15% of the world’s production by 2040. The NZIA contains a list of net-zero technologies, including wind and heat pumps, battery and energy storage, hydropower, and solar technologies. The CRMA, adopted on March 18, sets forth objectives for the EU’s consumption of raw materials by 2030: that 10% come from local extractions; 40% to be processed in the EU; and 25% come from recycled materials. The CRMA also provides that “not more than 65% of the Union’s annual consumption of each strategic raw material at any relevant stage of processing from a single third country.”[1] While Europe’s new acts are perhaps more geared towards raw materials and clean technology, the U.S. and Europe’s concerted efforts to focus on domestic production will be something to watch for years to come. In particular, it is worth watching whether the recent EU measures generate a response from U.S. lawmakers. If so, it could accelerate the already increasing stringency of Buy American and Buy America requirements.
The single-permit directive enters into force on May 21, 2024, and EU member states have until May 21, 2026, to implement the terms of the directive domestically.
Member states will maintain the ability to decide which and how many third-country workers to admit to their labor market.
For Ethiopian nationals, the standard visa-processing period has been changed to 45 calendar days instead of 15. In addition, EU member states will no longer be able to waive certain requirements when issuing visas to Ethiopian nationals, including evidence that must be submitted to issue multiple-entry visas and visa fees for holders of diplomatic and service passports.
Background: As BAL previously reported, the directive currently in place was designed to attract additional skills and talent to the EU to address shortcomings within the legal migration system, provide an application process for EU countries to issue a single permit and establish common rights for workers from third countries. The revised law shortens the application procedure for a permit to reside for the purpose of work in a member state’s territory and aims to strengthen the rights of third-country workers by allowing a change of employer and a limited period of unemployment. The new agreement is part of the “skills and talent” package, which addresses shortcomings in legal migration policy and aims to attract greater foreign skilled talent.
The decision to tighten visa guidelines for Ethiopia is in response to an assessment by the EU Commission, which found that Ethiopian authorities have not fully cooperated with officials regarding readmission requests and difficulties persist in issuing emergency travel documents. The commission cited the organization of both voluntary and non-voluntary return operations as a determining factor in altering Ethiopia’s visa privileges within the European Union.
BAL Analysis: The single-permit directive is directed at non-EU nationals working in the EU and aims to create an environment where these individuals are treated equally regarding their working conditions, social security and tax benefits, and recognizing their unique qualifications.
As previously reported, regulations and restrictions on Foreign Direct Investment (“FDI”) have expanded quickly in the United States and in many of its trading partner countries around the world. FDI has been further complicated in the U.S. by the passage of individual State laws – often focused the acquisition of “agricultural land,” and in Europe by the passage of screening regimes by the individual Member States of the European Union (E.U.).
In 2023, fifteen U.S. States enacted some form of FDI restrictions on real estate. Some States elected to incorporate U.S. Federal regulations regarding who is prohibited from acquiring certain real estate, while other States have focused on broadly protecting agricultural lands. State laws also vary from those that prevent foreign ownership, to those that only require reporting foreign ownership.
Thus far Alabama, Arkansas, Florida, Idaho, Illinois, Iowa, Kansas, Kentucky, Louisiana, Maine, Minnesota, Mississippi, Missouri, Montana, Nebraska, North Dakota, Ohio, Oklahoma, Pennsylvania, South Carolina, South Dakota, Tennessee, Texas, Utah, Virginia, and Wisconsin have passed laws related to FDI in real estate.
Alabama, Arkansas, Florida, Illinois, Iowa, Kansas, Maine, Missouri, Ohio and Texas all currently require foreign investors to disclose acquisitions of certain real estate, much like the U.S. Federal Agricultural Foreign Investment Disclosure Act of 1978 (AFIDA). Arkansas, Illinois, Maine, and Wisconsin, actually allow acquirers to fulfill their reporting requirements by simply submitting a copy of applicable federal AFIDA reports. Texas currently only limits Direct Foreign Investment in certain “critical infrastructure.”
Ohio, Pennsylvania, South Carolina, South Dakota, and Wisconsin limit foreign investment in real estate based on the number of acres; while Iowa, Minnesota, Missouri, Nebraska, North Dakota, and Oklahoma ban foreign ownership of certain land completely.
The Alabama Property Protection Act (“APPA”), which went into effect in 2023, is one of the most expansive of the U.S. State laws, and which also incorporates U.S. Federal law. The APPA restricts FDI by a “foreign principal” in real estate related to agriculture, critical infrastructure, or proximate to military installations.
The APPA broadly covers acquiring “title” or a “controlling interest.” The APPA also broadly defines “foreign principal” as a political party and its members, a government, and any government official of China, Iran, North Korea, and Russia, as well as countries or governments that are subject to any sanction list of the U.S. Office of Foreign Assets Control (“OFAC”). The APPA defines “agricultural and forest property” as “real property used for raising, harvesting, and selling crops or for the feeding, breeding, management, raising, sale of, or the production of livestock, or for the growing and sale of timber and forest products”; and it defines covered “critical infrastructure” as a chemical manufacturing facility, refinery, electric production facility, water treatment facility, LNG terminal, telecommunications switching facility, gas processing plant, seaport, airport, aerospace and spaceport infrastructure. The APPA also covers land that is located within 10 miles of a “military installation” (of at least 10 contiguous acres) or “critical infrastructure.”
Notably, APPA does not specifically address whether leases are considered a “controlling interest,” nor does it specify enforcement procedures.
U.S. Federal Real Estate FDI
Businesses involved in the U.S. defense industrial base have been historically protected from FDI by the Committee on Foreign Investment in the United States (“CFIUS”). The Foreign Investment Risk Review Modernization Act of 2018 (FIRRMA) expanded those historic protections to include certain Critical Technologies, Critical Infrastructure, and Sensitive Data – collectively referred to as covered “TID.”
FIRRMA specifically expanded CFIUS to address national security concerns arising from FDI impacting critical infrastructure and sensitive government installations. Part 802 of FIRRMA established CFIUS jurisdiction and review for certain covered real estate, including real estate in proximity to specified airports, maritime ports, military installations, and other critical infrastructure. Later in 2022, Executive Order 14083 further expanded CFIUS coverage for certain agricultural related real estate.
Covered installations are listed by name and location in appendixes to the CFIUS regulations. Early this year, CFIUS added eight additional government installations to the 100-mile “extended range” proximity coverage of Part 802. The update necessarily captured substantially more covered real estate. Unlike covered Section 1758 technologies that can trigger a mandatory CFIUS filing, CFIUS jurisdiction for covered real estate currently remains only a voluntary filing. Regardless, early diligence remains critical to any transaction in the United States that may result in foreign ownership or control of real estate.
U.S. Trading Partners FDI Regimes
The U.S. is not alone in regulating FDI, or the acquisition of real estate by foreign investors. Canada, United Kingdom and the European Union have legislative frameworks governing foreign investment in business sectors, technology, and real estate. Almost all European Union Member States have some similar form of FDI screening.
Key U.S. trading partners that have adopted FDI regimes include, Australia, Austria, Belgium, China, Germany, France, Hungary, Ireland, Italy, Japan, Luxembourg, Netherlands, Poland, Singapore, Spain, and Sweden. What foreign parties, economic sectors, or technologies are covered vary from country to country. They also vary as to the notification and approval requirements.
The UK National Security and Investment Act (NSI Act) came into effect on 4 January 2022, giving the UK government powers to intervene in transactions where assets or entities are acquired in a manner which may give rise to a national security risk. There were over 800 notifications under the NSI during the previous 12-month reporting period. In November 2023 the Deputy Prime Minister Oliver Dowden published a call for evidence on the legislation which aims to narrow and refine the scope of powers to be more ‘business friendly’, given that very few notified transactions have not been cleared within 30 working days. We will revisit developments on this in 2024.
The UK has continued to implement other reforms to improve transparency of foreign ownership of UK property. Part of the UK Economic Crime (Transparency and Enforcement) Act 2022 requires the register of overseas entities. The register is maintained by Companies House and requires overseas entities which own land in the UK to disclose details of their beneficial owners. Failure to comply with the new legislation will impact any registration of ownership details at the UK Land Registry (and thus the relevant legal and equitable ownership rights in any relevant property) and officers of any entity in breach will also be liable to criminal proceedings.
Recommendations
Whether a buyer or a seller, all transactions involving FDI should include an analysis of the citizenship of the interested parties, the nature of the business, land and products, and the applicability of laws and regulations that can impact the parties, timing, or transaction.
On September 27, 2023, six “Portuguese young people” were heard by the European Court of Human Rights (ECtHR) in a lawsuit against 32 European governments, including all EU member states, alleging that their failure to act fast enough against climate change has violated the applicants’ human rights to life, physical and mental wellbeing. The applicants claim that the respondents are failing to fulfil their obligations under the Paris Agreement to limit global warming.
The original application cites a number of contributions to climate change made by the respondent states: (i) permitting the release of emissions within national territory and offshore areas over which they have jurisdiction; (ii) permitting the export of fossil fuels extracted on their territory; (iii) permitting the import of goods, the production of which involves the release of emissions into the atmosphere; and (iv) permitting organizations within their jurisdiction to contribute to the release of emissions overseas. Taken together, the applicants say, the respondents have contributed to climate change and, while mitigation measures have been adopted, contributions to adverse climate change continues. The applicants are seeking an order from ECtHR requiring the respondent governments to take more ambitious action.
Describing the impact on them, the applicants say that climate change has contributed to harm to human health. In an expert report commissioned to supplement their application, the applicants say that Portugal is already experiencing the impact of climate change, including an increase in mean and extreme high temperatures, with heatwaves becoming more frequent. As a result, the region is also prone to wildfires – 120 people died and 500,000 hectares of land were burned during wildfires preceded by heatwaves. Responding to the application, a lawyer on behalf of Greece claimed that climate change cannot be directly linked to an adverse impact on human health, stating “[the] effects of climate change, as recorded so far, do not seem to directly affect human life or human health.” Lawyers on behalf of Portugal stated that the applicants failed to provide evidence of the specific damages caused by climate change on their lives.
The case was originally filed in September 2020. The September 27 hearing was one of the largest before the ECtHR, with 22 judges and 86 government lawyers, and took place following one of the hottest summers on record in Europe. A decision is expected in 2024.
Taking the Temperature: The claims made in this case echo certain conclusions reached in the United Nations’ first global stocktake on parties’ achievements under the Paris Agreement. The UN acknowledged that although significant progress has been made, there is a crucial need for nations to significantly enhance their clean energy ambitions if they are to achieve their Paris-aligned objectives.
In July 2023, we discussed the Grantham Institute’s report on trends in climate litigation and the types of strategies being employed by claimants. One of these included so-called government framework actions in which plaintiffs focus on a government’s response to climate change and potentially, its failure to implement policies or legislation. The case brought by the six Portuguese young people falls squarely within this category.
In June 2023, we discussed the lawsuit filed by, among others, Greenpeace and 12 Italian citizens against ENI S.p.A. alleging that ENI knew of the detrimental effect of fossil fuel burning since around 1970 but through “lobbying and greenwashing” continued to encourage extraction, thereby contributing to climate change, and violating the citizens’ rights to life, health and private and family life. In March of this year, a group of Swiss citizens accused the Swiss government of infringing on the right to life and health of elderly women via its climate-related policies. The case is pending in the European Court of Human Rights.
Comparable cases have also been filed in the U.S. In Montana, 16 residents—ranging from ages 2 to 18—commenced litigation claiming that they “have been and will continue to be harmed by the dangerous impacts of fossil fuels and the climate crisis,” and that the defendants have violated the Montana Constitution by fostering and supporting fossil fuel-based energy policies in the state that led to these conditions. In September this year, the court struck down on state constitutional grounds certain provisions of the Montana Environmental Policy Act (MEPA), which restricted Montana from incorporating the impact of greenhouse gas emissions or other forms of climate change in environmental reviews. Similar constitution-based climate-related suits against state governments are pending in other U.S. states.
The EU’s General Data Protection Regulation (GDPR) applies to two types of entities – “controllers” and “processors.”
A “controller” refers to an entity that “determines the purposes and means” of how personal information will be processed.[1] Determining the “means” of processing refers to deciding “how” information will be processed.[2] That does not necessitate, however, that a controller makes every decision with respect to information processing. The European Data Protection Board (EDPB) distinguishes between “essential means” and “non-essential means.[3] “Essential means” refers to those processing decisions that are closely linked to the purpose and the scope of processing and, therefore, are considered “traditionally and inherently reserved to the controller.”[4] “Non-essential means” refers to more practical aspects of implementing a processing activity that may be left to third parties – such as processors.[5]
A “processor” refers to a company (or a person such as an independent contractor) that “processes personal data on behalf of [a] controller.”[6]
Data typically is needed to train and fine-tune modern artificial intelligence models. They use data – including personal information – in order to recognize patterns and predict results.
Whether an organization that utilizes personal information to train an artificial intelligence engine is a controller or a processor depends on the degree to which the organization determines the purpose for which the data will be used and the essential means of processing. The following chart discusses these variables in the context of training AI:
The following chart discusses these variables in the context of training AI:
Function
Activities Indicative of a Controller
Activities Indicative of a Processor
Purpose of processing
Why the AI is being trained.
If an organization makes its own decision to utilize personal information to train an AI, then the organization will likely be considered a “controller.”
If an organization is using personal information provided by a third party to train an AI, and is doing so at the direction of the third party, then the organization may be considered a processor.
Essential means
Data types used in training.
If an organization selects which data fields will be used to train an AI, the organization will likely be considered a “controller.”
If an organization is instructed by a third party to utilize particular data types to train an AI, the organization may be a processor.
Duration personal information is held within the training engine
If an organization determines how long the AI can retain training data, it will likely be considered a “controller.”
If an organization is instructed by a third party to use data to train an AI, and does not control how long the AI may access the training data, the organization may be a processor.
Recipients of the personal information
If an organization determines which third parties may access the training data that is provided to the AI, that organization will likely be considered a “controller.”
If an organization is instructed by a third party to use data to train an AI, but does not control who will be able to access the AI (and the training data to which the AI has access), the organization may be a processor.
Individuals whose information is included
If an organization is selecting whose personal information will be used as part of training an AI, the organization will likely be considered a “controller.”
If an organization is being instructed by a third party to utilize particular individuals’ data to train an AI, the organization may be a processor.
[1] GDPR, Article 4(7).
[1] GDPR, Article 4(7).
[2] EDPB, Guidelines 07/2020 on the concepts of controller and processor in the GDPR, Version 1, adopted 2 Sept. 2020, at ¶ 33.
[3] EDPB, Guidelines 07/2020 on the concepts of controller and processor in the GDPR, Version 1, adopted 2 Sept. 2020, at ¶ 38.
[4] EDPB, Guidelines 07/2020 on the concepts of controller and processor in the GDPR, Version 1, adopted 2 Sept. 2020, at ¶ 38.
[5] EDPB, Guidelines 07/2020 on the concepts of controller and processor in the GDPR, Version 1, adopted 2 Sept. 2020, at ¶ 38.
Adding to the momentum generated by other EU green initiatives, this directive could be the catalyst that also spurs the U.S. to approve stronger regulatory enforcement mechanisms to crackdown on greenwashing
This proposed directive overlaps the FTC’s request for comments on its Green Guides, including whether the agency should initiate a rulemaking to establish enforceable requirements related to unfair and deceptive environmental claims. The deadline for comments has been extended to April 24, 2023
The European Commission (EC) proposed the Green Claims Directive (GCD) on March 22, 2023, to crack down on greenwashing and prevent businesses from misleading customers about the environmental characteristics of their products and services. This action was in response, at least in part, to a 2020 commission study that found more than 50 percent of green labels made environmental claims that were “vague, misleading or unfounded,” and 40 percent of these claims were “unsubstantiated.”
This definitive action by the European Union (EU) comes at a time when the U.S. is also considering options to curb greenwashing and could inspire the U.S. to implement stronger regulatory enforcement mechanisms, including promulgation of new enforceable rules by the Federal Trade Commission (FTC) defining and prohibiting unfair and deceptive environmental claims.
According to the EC, under this proposal, consumers “will have more clarity, stronger reassurance that when something is sold as green, it actually is green, and better quality information to choose environment-friendly products and services.”
Scope of the Green Claims Directive
The EC’s objectives in the proposed GCD are to:
Make green claims reliable, comparable and verifiable across the EU
Protect consumers from greenwashing
Contribute to creating a circular and green EU economy by enabling consumers to make informed purchasing decisions
Help establish a level playing field when it comes to environmental performance of products
“any message or representation, which is not mandatory under Union law or national law, including text, pictorial, graphic or symbolic representation, in any form, including labels, brand names, company names or product names, in the context of a commercial communication, which states or implies that a product or trader has a positive or no impact on the environment or is less damaging to the environment than other products or traders, respectively, or has improved their impact over time.”
The GCD provides minimum requirements for valid, comparable and verifiable information about the environmental impacts of products that make green claims. The proposal sets clear criteria for companies to prove their environmental claims: “As part of the scientific analysis, companies will identify the environmental impacts that are actually relevant to their product, as well as identifying any possible trade-offs to give a full and accurate picture.” Businesses will be required to provide consumers information on the green claim, either with the product or online. The new rule will require verification by independent auditors before claims can be made and put on the market.
The GCD will also regulate environmental labels. The GCD is proposing to establish standard criteria for the more than 230 voluntary sustainability labels used across the EU, which are currently “subject to different levels of robustness, supervision and transparency.” The GCD will require environmental labels to be reliable, transparent, independently verified and regularly reviewed. Under the new proposal, adding an environmental label on products is still voluntary. The EU’s official EU Ecolabel is exempt from the new rules since it already adheres to a third-party verification standard.
Companies based outside the EU that make green claims or utilize environmental labels that target the consumers of the 27 member states also would be required to comply with the GCD. It will be up to member states to set up the substantiation process for products and labels’ green claims using independent and accredited auditors. The GCD has established the following process criteria:
Claims must be substantiated with scientific evidence that is widely recognised, identifying the relevant environmental impacts and any trade-offs between them
If products or organisations are compared with other products and organisations, these comparisons must be fair and based on equivalent information and data
Claims or labels that use aggregate scoring of the product’s overall environmental impact on, for example, biodiversity, climate, water consumption, soil, etc., shall not be permitted, unless set in EU rules
Environmental labelling schemes should be solid and reliable, and their proliferation must be controlled. EU level schemes should be encouraged, new public schemes, unless developed at EU level, will not be allowed, and new private schemes are only allowed if they can show higher environmental ambition than existing ones and get a pre-approval
Environmental labels must be transparent, verified by a third party, and regularly reviewed
Enforcement of the GCD will take place at the member state level, subject to the proviso in the GCD that “penalties must be ‘effective, proportionate and dissuasive.’” Penalties for violation range from fines to confiscation of revenues and temporary exclusion from public procurement processes and public funding. The directive requires that consumers should be able to bring an action as well.
The EC’s intent is for the GCD to work with the Directive on Empowering the Consumers for the Green Transition, which encourages sustainable consumption by providing understandable information about the environmental impact of products, and identifying the types of claims that are deemed unfair commercial practices. Together these new rules are intended to provide a clear regime for environmental claims and labels. According to the EC, the adoption of this proposed legislation will not only protect consumers and the environment but also give a competitive edge to companies committed to increasing their environmental sustainability.
ECOS lamented that “After months of intense lobbying, what could have been legislation contributing to providing reliable environmental information to consumers was substantially watered down,” and added that “In order for claims to be robust and comparable, harmonised methodologies at the EU level will be crucial.” Carbon Market Watch was disappointed that “The draft directive fails to outlaw vague and disingenuous terms like ‘carbon neutrality’, which are a favoured marketing strategy for companies seeking to give their image a green makeover while continuing to pollute with impunity.”
The EC’s proposal will now go to the European Parliament and Council for consideration. This process usually takes about 18 months, during which there will be a public consultation process that will solicit comments, and amendments may be introduced. If the GCD is approved, each of the 27 member states will have 18 months after entry of the GCD to adopt national laws, and those laws will become effective six months after that. As a result, there is a reasonably good prospect that there will be variants in the final laws enacted.
Will the GCD Influence the U.S.’s Approach to Regulation of Greenwashing?
The timing and scope of the GCD is of no small interest in the U.S., where regulation of greenwashing has been ramping up as well. In May 2022, the Securities and Exchange Commission (SEC) issued the proposed Names Rule and ESG Disclosure Rule targeting greenwashing in the naming and purpose of claimed ESG funds. The SEC is expected to take final action on the Names Rule in April 2023.
Additionally, as part of a review process that occurs every 10 years, the FTC is receiving comments on its Green Guides for the Use of Environmental Claims, which also target greenwashing. However, the Green Guides are just that – guides that do not currently have the force of law that are used to help interpret what is “unfair and deceptive.”
It is particularly noteworthy that the FTC has asked the public to comment, for the first time, on whether the agency should initiate a rulemaking under the FTC Act to establish independently enforceable requirements related to unfair and deceptive environmental claims. If the FTC promulgates such a rule, it will have new enforcement authority to impose substantial penalties.
The deadline for comments on the Green Guides was recently extended to April 24, 2023. It is anticipated that there will be a substantial number of comments and it will take some time for the FTC to digest them. It will be interesting to watch the process unfold as the GCD moves toward finalization and the FTC decides whether to commence rulemaking in connection with its Green Guide updates. Once again there is a reasonable prospect that the European initiatives and momentum on green matters, including the GCD, could be a catalyst for the US to step up as well – in this case to implement stronger regulatory enforcement mechanisms to crackdown on greenwashing.
For EU and UK trademarks, there is a five-year grace period following the issuance of a registration, during which the trademark owner must use the mark in connection with the goods and/or services covered by the registration before it can be challenged (and potentially ultimately revoked) for non-use with such goods and/or services. Some trademark owners have tried to take advantage of this by re-filing their previously registered trademarks for exactly the same goods and/or services just before the five-year grace period ends as a means of extending this grace period. This is commonly referred to as “evergreening.”
In Hasbro v EUIPO1, the General Court has upheld the EUIPO Board of Appeal’s decision that repeat filing of trademarks can result in bad faith applications. While it is true that evergreening doesn’t always mean bad faith, where it can be demonstrated that an applicant’s intention for filing a trademark application is to dodge showing genuine use of a mark more than five years old, then bad faith may be established.
Bad faith?
In legal terms, “bad faith” goes back in time and considers a trademark owner’s intention at the time it applied for the trademark. If the intention was to weaken the interests of third parties or obtain a trademark registration for reasons that are unrelated to the trademark itself, then this might result in bad faith. In Hasbro, the question of whether the board game conglomerate acted in bad faith hinged on whether Hasbro’s repeat filings of the MONOPOLY trademark, to avoid showing genuine use of the mark, amounted to bad faith.
Hasbro v EUIPO
When Hasbro filed its MONOPOLY trademark yet again, specifying goods and services near-identical to its earlier filing, the General Court said the application was made in bad faith, as Hasbro’s intention was to prolong the five-year grace period allowed for establishing use.
Although the case was initially rejected by the Cancellation Division of the EUIPO, the EUIPO Board of Appeal partially invalidated Hasbro’s EU Registration for the MONOPOLY mark. A key factor of the General Court’s decision supporting the EUIPO Board of Appeal’s verdict was Hasbro’s admission that its motivation for re-filing was to avoid potential costs that would be incurred to show genuine use of the MONOPOLY trademark.
Impact
The Hasbro case is setting precedent in both the European and UK courts. Although the Hasbro case came along post-Brexit, it is still considered “good law” in the English courts.
In a recent dispute between the two supermarket chains Tesco and Lidl2, Tesco argued that Lidl’s wordless version of its logo should be invalidated, as the mark had never been used and Lidl was periodically re-filing it to avoid having to prove genuine use. Tesco’s counterclaim was struck out in the High Court as Tesco had not made a clear-cut case for bad faith. However, the Court of Appeal allowed Tesco’s appeal and maintained that it was possible bad faith had occurred. This forced Lidl to explain its intentions when filing the mark, which is consistent with the Hasbro case. Tesco’s bad faith allegation will now be assessed at the substantive trial later this year. This will be watched closely by brand-owners and practitioners hoping for further guidance on evergreening and specifically where re-filings amount to bad faith.
In Sky v SkyKick3, the Court of Appeal said that a trademark applicant can have both good and bad reasons for applying to register trademarks. However, trademark filings that are submitted underhandedly, particularly where dishonesty is the main objective of filing the application in the first place, should be invalidated.
Bad faith beware!
The Hasbro v EUIPO decision has resulted in brand owners and trademark lawyers taking greater care when re-filing trademarks. It is important to highlight though, that re-filing a trademark is allowed. It is only when it can be established that an applicant’s intention at the point of re-filing the mark was to skirt use requirements, that bad faith can be found.
Brands looking to file new, or re-file existing, trademarks, should ensure they have a clear trademark strategy. Also consider retaining and recording: (1) evidence of genuine use of your marks; and (2) your reasons for re-filing any existing trademarks.
1 21/04/2021, Case T‑663/19, ECLI:EU:T:2021:211 (Hasbro, Inc. v European Union Intellectual Property Office)
2 Lidl Great Britain Limited v Tesco Stores Limited [2022] EWHC 1434 (Ch)
3 Sky Limited (formerly Sky Plc), Sky International AG, Sky UK Limited v SkyKick, UK Ltd, SkyKick, Inc [2021] EWCA Civ 1121, 2021 WL 03131604
On December 23, 2022, Regulation (EU) 2022/2560 of December 14, 2022 on foreign subsidies distorting the internal market (FSR) was published in the Official Journal of the European Union. The FSR introduces a new regulatory hurdle for M&A transactions in the European Union (EU), in addition to merger control and foreign direct investment screening. The FSR’s impact cannot be overstated as it introduces two mandatory pre-closing filing regimes and it gives the Commission wide-reaching ex officio investigative and intervention powers. Soon, the Commission will also launch a public consultation on a draft implementing regulation that should further detail and clarify a number of concepts and requirements of the FSR.
The bulk of the FSR will apply as of July 12, 2023. Importantly, the notification requirements for M&A transactions and public procurement procedures will apply as of October 12, 2023.
We highlight the key principles of the FSR below and provide guidance to start preparing for the application of the FSR. We refer to our On The Subject article ‘EU Foreign Subsidies Regulation to Impact EU and Cross-Border M&A Antitrust Review Starting in 2023’ of August 2, 2022 for a more detailed discussion of the then draft FSR. We also refer to our December 8, 2022 webinar on the FSR. Given the importance of the FSR, we will continue to report any future developments.
IN DEPTH
FSR in a Nutshell
The FSR tackles ‘foreign subsidies’ granted by non-EU governments to companies active in the EU and which ‘distort the internal market’.
First, a ‘foreign subsidy’ will be considered to exist where a direct or indirect financial contribution from a non-EU country or an entity whose actions can be attributed to a non-EU country (public entities or private entities) confers a benefit on an undertaking engaging in an economic activity in the EU internal market, and where that benefit is not generally available under normal market conditions but is, instead, limited, in law or in fact, to assisting one or more undertakings or industries. A ‘financial contribution’ covers a broad spectrum and encompasses, amongst others, positive benefits such as the transfer of funds or liabilities, the foregoing of revenue otherwise due (e.g., tax breaks, the grant of exclusive rights below market conditions, or the provision or purchase of goods or services).
Second, a ‘distortion in the internal market’ will be considered to exist in case of a foreign subsidy which is liable to improve the competitive position of an undertaking and which actually or potentially negatively affects competition in the EU internal market. The Regulation provides some guidance on when a foreign subsidy typically would not be a cause for concern:
– A subsidy that does not exceed EUR 200,000 per third country over any consecutive period of three years is considered de minimis and therefore not distortive;
– A foreign subsidy that does not exceed EUR 4 million per undertaking over any consecutive period of three years is unlikely to cause distortions; and
– A foreign subsidy aimed at making good/recovering from the damage caused by natural disasters or exceptional occurrences may be considered not to be distortive.
The FSR looks at ‘undertakings’, as is the case for merger control. Therefore, the Commission will not look merely at the legal entity concerned, but at the entire corporate group to which the entity belongs in order to calculate the total amount of foreign financial contributions granted to the undertaking. Even companies headquartered in the EU that have entities outside of the EU that have received foreign financial contributions are covered by the FSR.
The FSR introduces three tools for the European Commission (Commission): (i) a notification requirement for certain M&A transactions, (ii) a notification requirement for certain public procurement procedures (PPP) and (iii) investigations on a case by case basis.
Notification Requirement for Certain M&A Transactions
M&A transactions (or “concentrations”) involving a buyer and/or a target that has received a foreign financial contribution shall be notifiable if they meet the following cumulative conditions:
At least one of the merging undertakings, the acquired undertaking (target, not buyer) or the joint venture is established in the EU and has an EU turnover of at least EUR 500 million, AND
The combined aggregate financial contributions provided to the undertakings concerned in the three financial years (combined) prior to notification amounts to more than EUR 50 million.
M&A transactions that meet these criteria will need to be notified and approved by the Commission prior to implementation. During its review, the Commission will determine whether the foreign financial contributions received constitute foreign subsidies in the sense of the FSR and whether these foreign subsidies actually or potentially distort or negatively affect competition in the EU internal market. The Commission likely will consider certain indicators including the amount and nature of the foreign subsidy, the purpose and conditions attached to the foreign subsidy as well as its use in the EU internal market. For example, in a case of an acquisition, if a foreign subsidy covers a substantial part of the purchase price of the target, the Commission may consider it likely to be distortive.
Notification Requirement for Certain Public Procurement Procedures
A notifiable foreign financial contribution in the context of PPP shall be deemed to arise where the following cumulative conditions are met:
The estimated value of the public procurement or framework agreement net of VAT amounts to at least EUR 250 million, AND
The economic operator was granted aggregate foreign financial contributions in the three financial years prior to notification of at least EUR 4 million from a non-EU country.
Where the procurement is divided into lots, the value of the lot or the aggregate value of all lots for which the undertaking bids for must, in addition to the two criteria set out above, also amount to at least EUR 125 million.
Through this procedure, the Commission will ensure that companies that have received non-EU country subsidies do not submit unduly advantageous bids in public procurement procedures.
During the Commission’s review, all procedural steps may continue except for the award of the contract.
Even if the thresholds are not met, the Regulation requires undertakings to provide to the contracting authority in a declaration attached to the tender a list of all foreign financial contributions received in the last three financial years and to confirm that these are not notifiable, which the contracting authority will subsequently send to the Commission.
Investigations on a Case-by-case Basis
The Commission may on its own initiative investigate potentially distortive foreign subsidies (e.g. following a complaint). These investigations are not limited to M&A transactions or PPP. However, on the basis of this power, the Commission may investigate M&A transactions and awarded contracts under PPP which do not fall within the scope of the notification requirements set out above.
If the Commission carries out an ex-officio review, its analysis will be structured in two phases: a preliminary examination and an in-depth investigation. Although these phases have no time limits, the Commission will endeavor to take a decision within 18 months of the start of the in-depth investigation.
HOW TO PREPARE FOR THE APPLICATION OF THE FSR
Application of the FSR – Timetable
As mentioned above, the FSR will apply as of July 12, 2023. The FSR shall apply to foreign subsidies granted in the five years prior to July 12, 2023 where such foreign subsidies create effects at present, i.e., they distort the internal market after July 12, 2023. By way of derogation, the FSR shall apply to foreign financial contributions granted in the 3 years prior to July 12, 2023 where such foreign financial contributions were granted to an undertaking notifying a concentration or notifying a PPP pursuant to the FSR.
The FSR shall not apply to concentrations for which the agreement was signed before July 12, 2023. The FSR shall also not apply to public procurement contracts that have been awarded or procedures initiated before July 12, 2023.
In general, the FSR shall apply from July 12, 2023 while the notification obligations for M&A transactions and PPP shall only apply from October 12, 2023. However, it is advisable to start preparing immediately for the application of the FSR, given the substantial scope of the regulation.
Actions to Take Now
Businesses which conduct activities in the EU, should put in place a system to monitor and quantify foreign financial contributions received since at least July 2020 – to cover the three-year review – and, preferably, July 2018. In particular, attention should be paid to positive benefits and reliefs from certain costs normally due by the company. External counsel can assist in determining whether these foreign financial contributions constitute a ‘foreign subsidy’.
As soon as a company decides to engage in an M&A or PPP in the EU, the company should map all relevant foreign financial contributions for the relevant time period to check whether the relevant notification thresholds are met. Subsequently companies must carefully consider whether any such financial contribution constitutes a foreign subsidy and, if so, whether such foreign subsidy may have a distortive effect. It is also advisable to determine whether there any positive effects relating to the subsidy that could be invoked. Companies should ensure that the preparation above is ably assisted by external counsel.
In particular with regard to M&A transactions, companies should carry out an FSR analysis in addition to merger control and foreign direct investment reviews. Even at the stage of due diligence, it would already be advisable to check whether the target has received any foreign financial contributions. If the transaction might eventually trigger a notification to the Commission, the M&A agreement should provide for Commission approval in the closing conditions. When acting as a bidder for a target that meets the EU turnover threshold, your bid will be much better viewed when accompanied with clear assurances that no FSR filing is required or, alternatively, that a filing may be required but that the foreign subsidies received are not distortive of competition.
On June 23, 2022, Italy’s data protection authority (the “Garante”)determined that a website’s use of the audience measurement tool Google Analytics is not compliant with the EU General Data Protection Regulation (“GDPR”), as the tool transfers personal data to the United States, which does not offer an adequate level of data protection. In making this determination, the Garante joins other EU data protection authorities, including the French and Austrian regulators, that also have found use of the tool to be unlawful.
The Garante determined that websites using Google Analytics collected via cookies personal data including user interactions with the website, pages visited, browser information, operating system, screen resolution, selected language, date and time of page views and user device IP address. This information was transferred to the United States without the additional safeguards for personal data required under the GDPR following the Schrems II determination, and therefore faced the possibility of governmental access. In the Garante’s ruling, website operator Caffeina Media S.r.l. was ordered to bring its processing into compliance with the GDPR within 90 days, but the ruling has wider implications as the Garante commented that it had received many “alerts and queries” relating to Google Analytics. It also stated that it called upon “all controllers to verify that the use of cookies and other tracking tools on their websites is compliant with data protection law; this applies in particular to Google Analytics and similar services.”
