Insights

In a significant decision for government contractors, on April 15, 2026, in Life Science Logistics, LLC v. United States, the U.S. Court of Appeals for the Federal Circuit held that bid protesters challenging an agency’s override of an automatic stay of contract performance under the Competition in Contracting Act (CICA) need not satisfy the demanding four-factor test traditionally required for preliminary injunctive relief.  In so doing, the Federal Circuit clarified that CICA stay override challenges need only demonstrate that the override decision was arbitrary and capricious—nothing more.

Is evidence that a company tracked return on investment (ROI) for certain actions and expenses sufficient to prove mens rea and plead a violation of the federal Anti-Kickback Statute (AKS) with the requisite particularity? A recent decision in the U.S. District Court for the Southern District of New York (SDNY) suggests that it is.

Meta continues to face lawsuits around the country alleging that its platforms are designed to induce compulsive use by children. In March 2026, a California jury delivered a landmark verdict that Meta and YouTube were liable for allegedly addictive platform features that resulted in a child’s mental health distress.  

In Fortress Iron, LP v. Digger Specialties, Inc., No. 24-2313 (Fed. Cir. Apr. 2, 2026), the U.S. Court of Appeals for the Federal Circuit reaffirmed what happens when a patent incorrectly lists the true inventors, and that error cannot be corrected under 35 U.S.C. § 256(b), which requires notice and a hearing for all “parties concerned.” In Fortress, the patent owner sought judicial correction to add an inventor under § 256(b), but that inventor could not be located. Because the missing inventor qualified as a “concerned” party under the statute, the lack of notice and a hearing for that inventor made correction under § 256(b) impossible, and the patents could not be saved from invalidity.

On Friday, April 10, 2026, the U.S. Department of Justice (DOJ) announced that International Business Machines Corporation (IBM) has agreed to pay just over $17 million to resolve allegations that it violated the False Claims Act (FCA) by failing to comply with federal anti-discrimination requirements incorporated into its federal contracts due to allegedly discriminatory diversity, equity, and inclusion (DEI) employment practices. This resolution marks the first FCA settlement secured by the DOJ under its Civil Rights Fraud Initiative, created in May 2025, and announced by then-Deputy Attorney General Todd Blanche as part of the administration’s coordinated efforts to target allegedly unlawful DEI practices. Per the agreement, the settlement is neither an admission of liability by IBM nor a concession by the United States that its claims are not well founded.

The Federal Risk and Authorization Management Program (FedRAMP) continues to advance its modernization agenda. On April 8, 2026, FedRAMP released RFC-0031, Updated Incident Communications Procedures for public comment. This RFC proposes replacing the current FedRAMP Incident Communications Procedures (ICP) with what FedRAMP calls “a clear set of reporting requirements … established using a modern rules-based format.” 

The UK’s Office of Financial Sanctions Implementation (OFSI) has published details of a £390,000 penalty it imposed on ADI, an Irish subsidiary of Apple Inc., on 19 March 2026. The penalty relates to two payments totalling approximately £635,000 made in 2022 to Okko LLC, a sanctioned Russian app developer, for App Store revenue. Although the underlying facts are relatively simple, there are several interesting takeaways from OFSI’s penalty notice.

On April 13, 2026, President Trump signed the Small Business Innovation and Economic Security Act of 2026 (S. 3971) (the Act), extending the Small Business Innovation Research (SBIR) and Small Business Technology Transfer (STTR) programs through September 30, 2031. The legislation cleared the U.S. Senate on March 3, 2026 and then was passed by the U.S. House of Representatives on March 17, 2026 after a six-month interruption in program authority that halted the issuance of new awards across federal agencies. The programs’ previous authorization expired on September 30, 2025.

In our fifth alert in this EU Pharma Package Series, we provided an analysis of the background and ongoing legal debates regarding the concept of the global marketing authorization (GMA). We discussed in particular the missed opportunities in the Pharma Package to further codify and clarify the GMA, in view of its central role in determining the regulatory data protection (RDP) rights of a medicinal product.

At the European Patent Office (EPO), a recent referral of case T 873/24 from the Technical Board to the Enlarged Board of Appeal may clarify whether last summer’s decision in case G 1/24 on claim interpretation may be extended to the analysis of Added Subject-Matter. Already G 1/24 is impacting the assessment of patentability at the EPO, but should this referral be allowed, G 1/24’s effect on the assessment of added matter could result in a real shake up of the EPO’s notoriously strict assessment of support. Nonetheless, a review of how we got here highlights the value of late arguments during the EPO appeal process.

On April 6, 2026, the Centers for Medicare and Medicaid Services (CMS) circulated the Announcement of Calendar Year (CY) 2027 Medicare Advantage (MA) Capitation Rates and Part C and Part D Payment Policies (the CY 2027 Rate Announcement) to communicate Medicare Advantage (MA) capitation rates and Parts C and D payment policies. The Rate Announcement announces decisions regarding proposals initially published on January 26, 2026, in CMS’s CY 2027 Advance Notice for MA and Part D. The following is a summary of the most significant issues in the Rate Announcement, with further details below: 

On April 7, 2026, six federal agencies (FBI, CISA, NSA, EPA, DOE, and U.S. Cyber Command – Cyber National Mission Force) published a joint advisory warning that Iranian-affiliated threat actors are targeting internet-facing OT devices, particularly PLCs.  In some cases, the threat actors have caused operational disruptions and financial losses at U.S. critical infrastructure organizations by manipulating software files that contain configuration settings as well as showing false data on hardware and software dashboards and displays.

The Federal Trade Commission (FTC) recently released its Strategic Plan for Fiscal Years 2026–2030, setting out the agency’s enforcement priorities and operational objectives for the next five years under Chairman Andrew N. Ferguson. The plan reaffirms the FTC’s commitment to vigorously enforcing the nation’s antitrust and consumer protection laws “without fear or favor.” Critically for businesses, the plan returns the phrase “without unduly burdening legitimate business activity” to the agency’s mission statement, signaling a commitment to ending what the agency characterizes as overregulation of businesses that compete fairly and deal honestly with consumers. Despite this business-friendly framing, the plan signals robust enforcement across consumer protection, antitrust, and emerging technology — areas that will directly affect in-house counsel’s compliance planning over the coming years.

On April 7, 2026, Acting Attorney General Todd Blanche issued a memorandum establishing the National Fraud Enforcement Division (NFED) within the U.S. Department of Justice (DOJ). This new division will be dedicated to the centralized, coordinated investigation and prosecution of fraud against taxpayer dollars and taxpayer-funded programs. AAG Blanche acknowledged that, while DOJ has a “storied history of combatting fraud,” DOJ has “never adopted a comprehensive and coordinated approach to investigating and prosecuting fraud against taxpayer dollars and tax-payer funded programs.” The NFED was created to close that gap with its core mission being to “zealously investigate and prosecute those who steal or fraudulently misuse taxpayer dollars.”

On March 31, 2026, the Executive Office of the President, Office of Management and Budget (OMB), issued Memorandum M-26-10 titled, “Reinforcing Transparency, Accountability, and Oversight of Federal Technology,” (Memorandum) containing a new policy designed to reinforce oversight, transparency, and accountability across federal technology programs, increase accountability for agency chief information officers (CIOs), and enhance information sharing among government agencies.  OMB issued the policy in furtherance of several executive orders (EOs) issued by President Trump, including: EO 13833, “Enhancing the Effectiveness of Agency Chief Information Officers,” EO 14240, “Eliminating Waste and Saving Taxpayer Dollars by Consolidating Procurement,” and EO 14243, “Stopping Waste, Fraud, and Abuse by Eliminating Information Silos.”  

The U.S. Court of Appeals for the Federal Circuit recently decided in Bd. of Trs. of Columbia Univ. v. Gen Digital Inc., No. 2024-1243 (Fed. Cir. 2026) that the district court erred in its denial of judgment as a matter of law as to damages resulting from foreign sales of downloadable software. At Columbia University's request, the jury had been instructed that “Columbia [was] entitled to damages based on sales to customers located outside of the United States if . . . the infringing product sold to those customers was made in or distributed from the United States, even if the infringing product [was] delivered to and used by the customer outside the United States.” The court concluded as a matter of law that the software sold to Gen Digital‘s (Norton) foreign customers was made outside the United States, and therefore the $94 million in foreign sales damages could not stand.

At the International Association of Privacy Professionals’ (IAPP) annual conference March 30-31, 2026, enforcement officials from California, Connecticut, Indiana, and Delaware shared their current and upcoming enforcement priorities under U.S. state consumer privacy laws. This alert summarizes the key themes from the panel and offers practical guidance for companies navigating the evolving enforcement landscape.

The Modernization of Cosmetics Regulation Act of 2022 (MoCRA) marked the most significant expansion of FDA’s authority over cosmetics in 80 years — and the agency is putting that authority to work. From the launch of a new adverse event reporting tool to forthcoming rules on fragrance allergens and good manufacturing practices (GMP), FDA is reshaping the regulatory landscape for manufacturers, packers, and distributors of cosmetic and personal care products.

Last month, in a ruling that may carry significant implications for the artificial intelligence industry, a California federal court held that state tort and contract claims related to the training of AI models were not preempted by federal law and could proceed in state court. Because many AI models were trained in a similar fashion---by scraping data from online posts and repositories---the decision suggests other plaintiffs may bring such claims in state courts, in addition to federal claims of copyright infringement.

Chambers Europe Guide and Legal 500 Europe, Middle East & Africa (EMEA) Recognize Crowell & Moring Trade Practice and Partner in 2026