Insights

On March 31, 2026, the Executive Office of the President, Office of Management and Budget (OMB), issued Memorandum M-26-10 titled, “Reinforcing Transparency, Accountability, and Oversight of Federal Technology,” (Memorandum) containing a new policy designed to reinforce oversight, transparency, and accountability across federal technology programs, increase accountability for agency chief information officers (CIOs), and enhance information sharing among government agencies.  OMB issued the policy in furtherance of several executive orders (EOs) issued by President Trump, including: EO 13833, “Enhancing the Effectiveness of Agency Chief Information Officers,” EO 14240, “Eliminating Waste and Saving Taxpayer Dollars by Consolidating Procurement,” and EO 14243, “Stopping Waste, Fraud, and Abuse by Eliminating Information Silos.”  

At the International Association of Privacy Professionals’ (IAPP) annual conference March 30-31, 2026, enforcement officials from California, Connecticut, Indiana, and Delaware shared their current and upcoming enforcement priorities under U.S. state consumer privacy laws. This alert summarizes the key themes from the panel and offers practical guidance for companies navigating the evolving enforcement landscape.

The Modernization of Cosmetics Regulation Act of 2022 (MoCRA) marked the most significant expansion of FDA’s authority over cosmetics in 80 years — and the agency is putting that authority to work. From the launch of a new adverse event reporting tool to forthcoming rules on fragrance allergens and good manufacturing practices (GMP), FDA is reshaping the regulatory landscape for manufacturers, packers, and distributors of cosmetic and personal care products.

Last month, in a ruling that may carry significant implications for the artificial intelligence industry, a California federal court held that state tort and contract claims related to the training of AI models were not preempted by federal law and could proceed in state court. Because many AI models were trained in a similar fashion---by scraping data from online posts and repositories---the decision suggests other plaintiffs may bring such claims in state courts, in addition to federal claims of copyright infringement.

Chambers Europe Guide and Legal 500 Europe, Middle East & Africa (EMEA) Recognize Crowell & Moring Trade Practice and Partner in 2026

In March 2026, the Office of the United States Trade Representative (USTR) launched two parallel Section 301 investigations: one targeting manufacturing overcapacity across 16 countries (including China, the EU, Japan, India, Mexico, Vietnam, and other major manufactures), and one targeting forced labor enforcement failures across 60 countries. Here are the top seven questions Crowell & Moring’s International Trade team is getting regarding pending Section 301 comment deadlines from our clients and how to address them:

In our fourth alert in this EU Pharma Package Series, we provided an analysis of the long-standing but increasingly debated issue of fiscal imports in the pharmaceutical supply chain and the EU’s evolving approach to this issue.

On April 2, 2026, President Trump issued a Proclamation invoking Section 232 of the Trade Expansion Act of 1962, as amended (19 U.S.C. § 1862), to impose tariffs on imports of patented pharmaceuticals, biologics, and associated ingredients into the United States.  The action affects pharmaceutical manufacturers, importers, and supply chain participants.   

As pharmaceutical weight-loss therapies have surged in popularity, health plans, regulators, and courts have found themselves grappling with a set of increasingly pressing and complex questions: who must cover these drugs, under what circumstances, and for whom?

In a development likely to ramp up regulatory pressure on an industry already under significant federal scrutiny, Federal Trade Commission (FTC) Chairman Andrew Ferguson recently directed leaders across his agency to launch a team dedicated to cooperatively advancing enforcement and advocacy activities relevant to health care.

Organizations facing cyber incidents increasingly encounter follow-on civil litigation alleging failures to implement reasonable security measures. In response, a growing number of states — the most recent being Oklahoma this year — have enacted safe harbor laws designed to both protect consumers and reward organizations that take a proactive, documented, and structured approach to cyber threats.

On March 25, 2026, in Cox Communications, Inc. v. Sony Music Entertainment, the U.S. Supreme Court reversed a $1 billion verdict against Cox. The judgment was the result of a jury trial in which Sony claimed that Cox was liable for contributory copyright infringement because it knew that its customers were using its service to infringe yet did not respond with sufficient diligence to prevent that infringement.

Despite facing existential challenges in several federal courts, the performance metrics established by the Centers for Medicare and Medicaid Services’ (CMS) 2020 Final Rule for organ procurement organizations (OPO) appear to be, at least for now, withstanding scrutiny in litigation proceedings.  

On March 4, 2026, the European Commission proposed the Industrial Accelerator Act (IAA), a draft regulation that aims to reverse the decline of the EU’s manufacturing sector while supporting the adoption of cleaner technologies. This client alert is the second in a three-part series dedicated to the IAA. In our first alert we provided an overview of the draft regulation. In this second alert, we take a closer look at the new foreign direct investment (FDI) review framework that the IAA would establish for certain strategic sectors.

In about a year’s time, all worker noncompetition and nonacceptance of business provisions in Washington state will become void and unenforceable unless they qualify for one of the limited exceptions to the ban, thanks to a new law signed by Washington’s Governor Bob Ferguson on March 23, 2026. The new law takes effect June 30, 2027.

On March 26, 2026, President Trump issued an executive order (EO) titled Addressing DEI Discrimination by Federal Contractors. The EO declares diversity, equity, and inclusion (DEI) “activities” “unethical and often illegal,” and imposes new obligations on federal contractors and subcontractors related to DEI programming. Contractors that do business with the federal government — or that work as subcontractors for companies that do — should review the EO closely to determine the extent to which they are compliant with the new requirements.

On March 23, 2026, the Federal Communications Commission (FCC) updated its Covered List—a list of communications equipment and services deemed to pose an unacceptable risk to U.S. national security or the safety and security of U.S. persons—to include consumer-grade routers produced in a foreign country, absent an exemption granted by the U.S. Departments of War (DoW) or Homeland Security (DHS). This designation effectively prohibits the import of all consumer routers that are not produced in the United States.

In two recent pathbreaking judgments, juries in California and New Mexico held social media companies civilly liable for harming minors who used their products.

In our third alert in this EU Pharma Package Series, we provided a detailed overview of the diverging positions of the European Commission, the European Parliament , and the Council of the European Union on the transferable exclusivity voucher (TEV) for priority antimicrobials.

On March 20, 2026, the Centers for Medicare and Medicaid Services (CMS) released new guidance outlining the agency’s audit methods and instructions for Medicare Advantage (MA) plans subject to upcoming risk adjustment data validation (RADV) audits for payment year (PY) 2020. In addition to providing necessary context for MA plans selected for auditing, this resource clarifies CMS’s methodological and procedural expectations. While the high-level takeaways are recapped below for convenience, we strongly recommend that MA organizations selected for PY 2020 audits closely review the guidance to understand what may be involved — or required — during the agency’s review.