Privacy Matters: DLA Piper's Global Privacy and Data Protection Resource
https://privacymatters.dlapiper.com/category/uncategorized/sec/

US: Executive Order on federal agencies
https://privacymatters.dlapiper.com/2025/02/executive-order-on-federal-agencies/
Thu, 27 Feb 2025 23:36:19 +0000

This article was originally posted to our Market Edge blog.

By Era Anagnosti, Brent Bernell, Daniel Caprio, Steven Phillips, Andrew Serwin, and John Gevertz

On February 18, 2025, President Donald J. Trump signed an Executive Order (EO), entitled, “Restoring Democracy and Accountability in Government,” which asserts greater authority over all federal agencies, including those established by Congress as independent from direct presidential control. The EO specifically lists the Securities and Exchange Commission (SEC), the Federal Trade Commission (FTC), the Federal Communications Commission (FCC), the National Labor Relations Board (NLRB), and the Federal Reserve Board as relevant agencies.  

The EO could lead to delays, if not cancellations, of pending and proposed regulations at those agencies. At a minimum, it introduces uncertainty as it newly subjects all of their “significant regulatory actions” to White House review. Moreover, the EO reflects an intent (or represents an effort) to fundamentally change the current regulatory environment.

Specifically:

  • The EO asserts that Article II of the US Constitution vests all executive power in the President, meaning that all executive branch officials and employees are subject to the President’s supervision and control.
  • The EO declares that all agencies must submit draft regulations for White House review – with no carve-out for so-called independent agencies, except for the monetary policy functions of the Federal Reserve.
  • The EO further provides that agencies must consult with the White House on their priorities and strategic plans, and that the White House will set their performance standards, with the Office of Management and Budget adjusting the agencies’ funding apportionments to ensure tax dollars are spent in a manner that is consistent with White House priorities.
  • The President and the Attorney General (subject to the President’s supervision and control) will interpret all applicable law for the executive branch, meaning that, instead of allowing separate agencies to interpret their own enabling legislation, they must accept the Justice Department’s and White House’s interpretation as binding.

The EO follows the firing of the leaders of some of the independent agencies – in apparent contravention of the statutes that bar their dismissal without cause before the expiration of their terms. A number of those dismissals are currently being challenged in various federal courts.

While the EO purports to limit the independence of the agencies even in their areas of expertise, the effect of the Loper Bright decision last year already had resulted in the courts no longer deferring to the agencies’ expertise. In a 6-3 decision in Loper Bright, the Supreme Court overruled the Chevron doctrine, which held that where a statute was ambiguous or had not addressed the precise question at issue, courts would defer to a reasonable interpretation by the agency charged with implementing the statute. Instead, the Supreme Court held the “courts, not agencies, will decide all relevant questions of law arising on review of agency action” and expressly stated that there was to be “no deferential standard for courts to employ in answering those legal questions.”  It remains to be seen whether the courts will accept the EO’s assertion that the White House and the Attorney General are the sole and final arbiters of the meaning of laws passed by Congress.

The patina of independence at the FTC, FCC, and SEC has been blurred over the past two decades by various EOs and executive branch actions. For example, the Biden Administration’s EO 14036 in 2021, titled “Promoting Competition in the American Economy,” served to establish a “whole-of-government effort to promote competition in the American economy” by encouraging stronger enforcement of antitrust law. The Biden EO directed over a dozen federal agencies, including the FTC, to take action on 72 separate initiatives identified by the Biden Administration as beneficial for curbing anti-competitive practices. The order additionally established the White House Competition Council, a fifteen-member committee led by the National Economic Council. Also, in 2015, President Barack Obama called upon the FCC to take up the strongest possible rules to protect net neutrality, the principle that says internet service providers (ISPs) should treat all internet traffic equally. The FCC voted along party lines in favor of strong net neutrality rules to keep the internet open and free.

Still, the 2025 EO marks an unprecedented shift with its explicit assertion of control over executive branch agencies – which may increase the likelihood of legal challenges and the potential for a Congressional response, given that agencies such as the FTC, FCC, and SEC were created as independent agencies by Congress.

In recent years, rulings from the Supreme Court have cabined agency authority. Notably, the Court’s ruling in Loper Bright Enterprises v. Raimondo, 603 US 369 (2024), overruled the Chevron deference doctrine, which required courts to defer to an agency’s reasonable interpretation of an ambiguous provision it is charged with implementing. The Supreme Court held that “courts, not agencies, will decide all relevant questions of law arising on review of agency action” and expressly stated that there was to be “no deferential standard for courts to employ in answering those legal questions.” Loper Bright applies equally to all agencies – including agencies like the SEC, FTC, and FCC that are charged with interpreting particularly technical statutes in policy-laden areas of regulatory law.

In combination, Loper Bright and the EO, which challenges their independence, usher in a new era of regulation of American businesses at a time when technology and the economy are rapidly growing more complex. In this new era, uncertainty for businesses may increase as the authority to interpret governing law shifts away from the institutions with the highest levels of technical expertise. At the same time, businesses have more opportunities than before to challenge proposed rules and final regulations that are adverse to their interests – by bringing their concerns to the attention of the White House and, if promulgated, challenging them in court.

It remains to be seen how this EO will be implemented and how either the courts or Congress will respond. However, at minimum, absent a court order barring its implementation, it is likely that the EO will delay pending rulemakings, including the FTC’s privacy “surveillance rule” launched during the Biden Administration.

There are many unanswered questions as to the impact of this EO, and DLA Piper is prepared to advise companies as they navigate through this uncharted territory.

US: Understanding Governance–A Path for Privacy and Security Governance
https://privacymatters.dlapiper.com/2023/10/us-understanding-governance-a-path-for-privacy-and-security-governance/
Thu, 26 Oct 2023 20:53:37 +0000

Implicit within Delaware law, and now explicit in the SEC Cyber Rules, is the concept of adequate governance. It is not what the FTC just said on a particular topic, the latest guidance from a Data Protection Authority, what the NIST framework provides, or a set of controls in any particular subject area regarding privacy or cyber. Governance of a corporation is purely a matter of internal affairs, and while individual programs may be managed or “governed”, that is not governance under Delaware law. Sixty percent of the Fortune 500 are incorporated in Delaware, and as a result Delaware law plays an outsized role in defining issues like governance. And now that the SEC has added a specific disclosure requirement regarding cyber governance, it is all the more important to have a consistent definition and approach.

This graphic captures what governance is, including escalation, as represented by the green dashed line, coming from “measurement and reporting”, which is essentially the information systems/information gathering capability of a company. It should be noted that governance obviously includes both oversight and operations concepts. 

Direction is the first step, and that is set by Delaware General Corporations Code Section 141, which provides, “every corporation organized under this chapter shall be managed by or under the direction of a board of directors…”  To help further differentiate these points that follow, the direction that is set is a broad vision for a company. 

Strategy is inherent in the business judgment rule, a core principle of Delaware law, and as summarized by the state of Delaware, “Although some major transactions require the consent of stockholders as well as the approval of the board, the board generally has the power and duty to make business decisions for the corporation. These decisions include establishing and overseeing the corporation’s long-term business plans and strategies, and the hiring and firing of executive officers.”  That provides us the concept of strategy being part of governance.

Oversight is a concept imbedded within the business judgment rule, and it is also part of the Caremark standard that serves as a potential basis for director and officer liability.

Controls, and measurement and reporting also come directly from Delaware law.  As noted most recently in In re McDonald’s Corporation Stockholder derivative litigation, “another critical part of an officer’s job is to identify red flags, report upward, and address them if they fall within the officer’s area of responsibility.  Once again, pause and envision an officer telling the board that their job did not include any obligation to report or red flags or address them.”

That returns us to the original graphic—the governance process—and why this is the process that should be used.  Here we see one final point—that the process itself is the same no matter the subject matter area.  While the controls are different in other subject areas when the process is keyed to a different subject, the process remains the same.  This also illustrates a common misconception among subject matter experts—controls are not governance.  They are part of governance, but they are not by themselves governance.

Understanding this concept is critical as companies try to build compliant and resilient privacy and cybersecurity programs.

For more information on cybersecurity processes, or how public companies can prepare for compliance, please contact your DLA Piper relationship partner, the authors of this blog post, or any member of our Data Protection team.
