Insights

On December 17, 2025, the U.S. Food and Drug Administration (FDA) issued a request for information (RFI) on a proposal designed to help the FDA engage more directly with innovative, venture-backed companies focused on biotechnology, medical devices, AI, and regulatory technology.[i]The RFI includes 19 questions, with responses due by 2:00 p.m. ET on January 18, 2026.

In an important first, the yearly defense policy law, the National Defense Authorization Act (NDAA) for Fiscal Year 2026, directs the Department of Defense (DoD)  to develop and implement a framework addressing the cybersecurity and physical security of artificial intelligence and machine learning technologies (AI/ML) acquired by the Pentagon.

California state and federal courts continue to see extensive litigation involving the California Invasion of Privacy Act (“CIPA”). When enacted in 1967, CIPA targeted traditional telephone wiretapping. However, its reach has expanded as new technologies enter the market. Today, private CIPA claims often concern website tracking and a business’s choice to embed analytic tools on its website.

This news bulletin is provided by the International Trade Group of Crowell & Moring. If you have questions or need assistance on trade law matters, please contact Anand Sithian or Simeon Yerokun or any member of the International Trade Group.

2026 will be a significant year for retailers and e-commerce companies, with significant changes on the horizon that will affect the entire industry and ecosystem. Potential headwinds and developments in product safety, pricing, artificial intelligence, data privacy, website compliance, and environmental responsibility are expected. But amidst these changes, there are likely significant opportunities that retail and e-commerce businesses can capitalize on.

The California Privacy Protection Agency (“CPPA”) is intensifying its oversight of data brokers with a new dedicated Data Broker Enforcement Strike Force within its Enforcement Division. The strike force will monitor and investigate data brokers’ compliance with their legal obligations under California’s Delete Act and the California Consumer Privacy Act (“CCPA”).

In Trump v. CASA, the Supreme Court significantly constrained the equitable authority of federal district courts to grant universal or nationwide injunctive relief, clarifying that, with specific exceptions, a federal court’s power to grant relief is limited to the parties before it. When it was issued, many bemoaned CASA’s implications for preventing government overreach.

As artificial intelligence (AI) continues to evolve and integrate into various aspects of legal practice, counsel and arbitral tribunals drawing up their Terms of Reference (TOR) establishing the terms of the dispute being referred to arbitration and also formulating their procedural orders should consider the implications of AI. This client alert highlights the importance of addressing AI in TOR negotiations and provides an overview of likely topics international arbitration practitioners can expect to treat in TORs and procedural orders.

New York Governor Kathy Hochul has signed into law the most significant update to New York’s consumer protection law in 45 years — the Fostering Affordability and Integrity through Reasonable Business Practices Act, or FAIR Business Practices Act — expanding the scope of the state’s authority to now challenge unfair and abusive business practices. The measure, backed by New York Attorney General (“AG”) Letitia James and signed on December 19, 2025, amends New York’s General Business Law § 349, giving regulators new tools to protect consumers and promote fair marketplace practices.

The United States Trademark Trial and Appeal Board (TTAB or Board) recently issued a refreshed opinion in the trademark dispute Naterra International, Inc. v. Samah Bensalem, where Naterra International, Inc. petitioned the TTAB to cancel Samah Bensalem’s registration for the mark BABIES' MAGIC TEA based on its own BABY MAGIC mark. On remand from the U.S. Court of Appeals for the Federal Circuit, the TTAB reconsidered an expert’s opinion about relatedness of goods based on the concept of “umbrella branding” and found that the goods are unrelated and therefore again denied the petition for cancellation.

On December 4, 2025, an advisory committee of the U.S. Securities and Exchange Commission (SEC or Commission) voted to advance a recommendation that the agency issue guidance requiring issuers to disclose information about the impact of artificial intelligence (AI) on their companies.

GAO’s key personnel rule is well-known—and often a source of frustration— amongst government contractors.  Proposed key personnel who become “unavailable” prior to contract award—especially where they have accepted employment with a different company—may doom an offeror’s proposal by rendering it noncompliant with solicitation requirements.  But GAO’s recent decision in FYI – For Your Information, Inc., B-423774, B-423774.2 (Dec. 19, 2025) provides some potential relief from that rule. 

On November 4, 2025, the USPTO in Ex parte Desjardins designated as precedential an earlier Appeals Review Panel (ARP) decision overruling the Patent Trial and Appeal Board (Board), instead holding that claims directed to training a machine learning model are patent-eligible under 35 U.S.C. § 101 when they integrate a mathematical concept into a practical application that improves how the model operates. That precedential designation represents a material shift in legal precedent in the § 101 arena post-Alice, and it has already driven updates to the MPEP and examiner practice. As a result, Desjardins signals an adjustment in practice in favor of AI and software eligibility at the USPTO.

Since the signing of Executive Order 14187 (“Protecting Children from Chemical & Surgical Mutilation”) in late January 2025, the Trump Administration has made its skeptical stance on gender-affirming care—especially regarding services provided to minors—clear.

On December 22, 2025, the Federal Trade Commission (“FTC”) took its first step in enforcing its August 2024 Consumer Review Rule (“Rule”) that regulates online companies’ moderation and curation of user reviews, by issuing warning letters to 10 unidentified companies alerting them of their potential violations of the Rule, and cautioning that continued noncompliance could lead to enforcement action and substantial civil penalties. The FTC warning letters directed each recipient to immediately cease and desist from any non-compliant practices and required the company to confirm in writing the steps taken to ensure ongoing compliance with the Rule.

Earlier this month, the Department of Justice (DOJ) announced that Swiss Automation Inc., an Illinois-based precision machining company, agreed to pay $421,234 to resolve allegations that it violated the False Claims Act (FCA) by inadequately protecting technical drawings for parts delivered to Department of Defense (DoD) prime contractors.  This settlement reflects DOJ's persistent emphasis on cybersecurity compliance across all levels of the defense industrial base, reaching beyond prime contractors to encompass subcontractors and smaller suppliers.  The settlement is also a reminder to all contractors not to overlook the often confusing relationship between Controlled Unclassified Information (CUI) and export-controlled information.

On December 19, 2025, the Department of Justice (DOJ) announced a $54.4 million settlement with Ceratizit USA, LLC, a distributor of tungsten carbide products, resolving allegations that the company violated the False Claims Act (FCA) by evading customs duties on products imported from China. This settlement is believed to be the largest ever customs-related FCA resolution, and this high-water mark underscores the government’s heightened enforcement focus on tariff evasion.

On December 18, 2025, the Fiscal Year 2026 National Defense Authorization Act (FY 2026 NDAA) (P.L. 119-60) was signed into law. The Act makes significant changes to defense acquisition, sourcing restrictions, and interactions between the Defense Industrial Base (DIB) and the Department of Defense (DOD). 

The regulatory environment for skilled nursing facilities (SNFs) is shifting rapidly, creating challenges and uncertainties for providers across the country—and especially those in New York. While the Trump administration has rolled back federal nurse staffing mandates, state-level requirements remain in full force, and new federal ownership disclosure rules are set to take effect in January 2026. Even as federal enforcement slows, state regulators appear primed to intensify oversight of nursing home operators by enhancing Certificate of Need (CON) review processes.

On December 16, 2025, the European Commission published its proposal for a regulation establishing a European Biotech Act to strengthen the EU's biotechnology and biomanufacturing sectors with a primary focus on health.