The UK's Online Safety Act (the "Act") is a transformative piece of legislation and is introducing extensive online safety obligations for user-to-user services, search services and pornography platforms. The Act encompasses...more
Obligations relating to general-purpose artificial intelligence (“GPAI”) models under the EU AI Act enter into force on 2 August 2025. Ahead of this deadline, the European Commission (the “Commission”) has published a suite...more
On 19 June 2025 the Data (Use and Access) Act (the "DUA Act") received Royal Assent and became law in the UK, having been passed by the UK Parliament on 11 June 2025. The DUA Act principally reforms the General Data...more
The first requirements under the EU Artificial Intelligence (AI) Act come into effect on February 2, 2025, banning the use of AI systems that involve prohibited AI practices and requiring providers and deployers of AI systems...more
2/7/2025
/ Artificial Intelligence ,
Data Protection ,
Employee Training ,
EU ,
Facial Recognition Technology ,
Innovative Technology ,
Machine Learning ,
Professional Development ,
Regulation ,
Regulatory Requirements ,
Risk Management ,
Technology Sector
Beginning 17 January 2025, the Digital Operational Resilience Act (DORA) will apply to almost all EU financial entities, including banks, insurers and reinsurers, brokers , payment and electronic money institutions,...more
1/20/2025
/ Cryptoassets ,
Cybersecurity ,
Data Security ,
Digital Operational Resilience Act (DORA) ,
EU ,
Financial Institutions ,
Financial Services Industry ,
Information and Communication Technology (ICT) ,
Information Technology ,
Regulatory Requirements ,
Risk Management
On 17 October 2024, the European Commission adopted the first Implementing Regulation under the Network and Information Security 2 Directive (EU) 2022/2555 (NIS2), focusing on digital infrastructures and services. The...more
10/21/2024
/ Cloud Computing ,
Cyber Incident Reporting ,
Cybersecurity ,
Data Centers ,
Data Protection ,
EU ,
European Commission ,
Incident Response Plans ,
Infrastructure ,
Member State ,
New Regulations ,
Online Marketplace ,
Regulatory Requirements ,
Risk Management
On May 21, 2024, the last missing approval for the EU AI Act was given by the European Council. The text of the law is final and will be published in the coming days. Here we summarize key points as well as note potential...more
5/23/2024
/ Algorithms ,
Artificial Intelligence ,
Automation Systems ,
Cybersecurity ,
Data Privacy ,
EU ,
Innovative Technology ,
Machine Learning ,
New Regulations ,
Regulatory Reform ,
Regulatory Requirements
The opinion was issued in response to a request by the French Data Protection Authority and provides guidance on the conditions for determining a controller's main establishment where that controller has establishments in...more
2/29/2024
/ Cybersecurity ,
Data Breach ,
Data Protection ,
Data Protection Authority ,
European Data Protection Board (EDPB) ,
France ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Lead Supervisory Authority ,
New Guidance ,
Personal Data ,
Regulatory Requirements