In a Letter to Industry, the FDA notes that it has observed an increase in recent years of contracted third-party testing laboratories fabricating test data, duplicating test data used in other device submissions, or providing unreliable characterizations of their testing. Although the Letter does not identify specific testing laboratories that have generated fabricated test data, it does point to “numerous such facilities based in China and India.”
In such cases, says the FDA, the inclusion of false or fabricated data in a premarket submission undermines the integrity of the entire premarket submission application. It leaves the agency no alternative but to reject the marketing authorization request.
The FDA advises device manufacturers to work with third-party testing laboratories that have been accredited under the voluntary Accreditation Scheme for Conformity Assessment (ASCA) to help reduce the likelihood of being provided fraudulent testing results. However, the FDA also warns that even using accredited testing laboratories does not completely eliminate the possibility of fraud and that a careful assessment of third-party test data is still strongly advised.
In a Declaratory Ruling issued in early February, the Commission summarized its determination that calls that include AI-generated voices are “artificial” under the Telephone Consumer Protection Act (TCPA) and, therefore, illegal. Under the TCPA, violators are subject to FCC enforcement authority, including fines and actions to block calls from telephone carriers that facilitate illegal robocalls. In addition, individual consumers are empowered under the TCPA to bring lawsuits against robocallers.
The Declaratory Ruling, which takes immediate effect, is based in part on a Notice of Inquiry issued by the Commission in November 2023 to solicit public input on how AI and AI-influenced technology can or will impact calling and texting processes and the extent to which such technology could compromise consumer privacy under the TCPA.
The FCC’s decision to make AI-generated robocalls illegal also has the support of a coalition of 26 State Attorneys General across the U.S., who urged the FCC earlier this year to restrict the use of AI in marketing phone calls.
According to a joint press statement issued by the European Commission and the White House National Security Council, the Joint Cybersafe Products Action Plan is intended to foster technical cooperation between the U.S. and the EU in an effort to align their respective cybersecurity requirements. The ultimate goal of the Joint Action Plan is for the signatories to achieve mutual recognition of cybersecurity labeling programs and regulations for IoT devices.
The Joint Cybersafe Products Action Plan was immediately endorsed by Jessica Rosenworcel, Chair of the U.S. Federal Communications Commission (FCC). In a separate statement, Rosenworcel referenced the FCC’s efforts to establish its own cybersecurity labeling program, building on work by the National Institute of Standards and Technology (NIST), and welcomed the opportunity to actively collaborate with its counterparts in the EU to reduce unnecessary cyber risks for consumers.
According to the Report and Order, the new rules required that originators of robocalls and robotexts comply with “do-not-call” and consent revocation requests received from consumers within 10 business days of receipt of the request. Originating parties may send a one-time text message to the consumer confirming the opt-out request as long as the text does not include any marketing information.
The Report and Order also seeks public comment on whether the scope of the Telephone Consumer Protection Act (TCPA) applies to unwanted robocalls and robotexts received by consumers for their own service providers and whether consumers should have the same ability to stop unwanted calls and texts as they do with other service providers.
In a Final Rule published in the Federal Register, the FDA amended its current good manufacturing practice (CGMP) requirements for its quality system (QS) regulation applicable to medical device manufacturers. The amended requirements now incorporate by reference ISO 13485:2016, Medical devices—Quality management systems—Requirements for regulatory purposes. The FDA says that the change is part of its effort to harmonize its quality management systems requirements for medical devices with those adopted by other regulatory agencies.
The FDA’s final rule regarding the changes to its current CGMPs takes effect on February 2, 2026. Until then, device manufacturers must continue to comply with the FDA’s QS regulation.