What are we really talking about and what are the legal implications under the EU AI Act?
The rapid evolution of artificial intelligence (AI) has led to significant opportunities and challenges, especially in the realm of...more
Companies deploying high-risk artificial intelligence (AI) systems must prepare to conduct Fundamental Rights Impact Assessment (FRIA) by 2 August 2026. In this edition of our “Zooming in on AI” series we explain what this...more
The EU Artificial Intelligence Act (“AI Act”) exemplifies a highly advanced risk-based approach to European regulation. One of its distinguishing features is the detailed classification of various risk levels associated with...more
11/12/2024
/ Artificial Intelligence ,
Digital Services ,
EU ,
European Commission ,
General Data Protection Regulation (GDPR) ,
Machine Learning ,
Privacy Laws ,
Regulatory Agenda ,
Regulatory Requirements ,
Risk Management ,
Technology Sector ,
Transparency
Companies deploying high-risk artificial intelligence (AI) systems must prepare to navigate a complex landscape of new obligations by August 2, 2026. In this post we explain the key obligations for providers and deployers of...more
10/30/2024
/ Artificial Intelligence ,
Automated Systems ,
Data Protection ,
Distributors ,
EU ,
EU Data Protection Laws ,
General Data Protection Regulation (GDPR) ,
Importers ,
Regulatory Agenda ,
Regulatory Oversight ,
Regulatory Requirements ,
Reporting Requirements ,
Risk Management ,
Technology Sector ,
Transparency
In a significant ruling (dated 9 September 2024), The Hague District Court (Court) has sided with Bunq B.V. (Bunq), dismissing part of the customer's GDPR access request. This decision highlights that a financial entity’s...more
This is the final note in a three-part series on the regulation of artificial intelligence in the financial services sector in the United States, the European Union and the United Kingdom. Our first note, we provided a...more
10/21/2024
/ Artificial Intelligence ,
Consumer Protection Laws ,
Data Protection ,
Enforcement Actions ,
EU ,
Financial Services Industry ,
General Data Protection Regulation (GDPR) ,
Information Commissioner's Office (ICO) ,
Legislative Agendas ,
Liability ,
Privacy Laws ,
Regulatory Agenda ,
Regulatory Requirements ,
Securities and Exchange Commission (SEC) ,
UK ,
United States
Rapid and accelerating developments in artificial intelligence have prompted governments around the world to consider how AI should be regulated and used responsibly by businesses, without stifling innovation.
This is...more
10/17/2024
/ Artificial Intelligence ,
Capital Markets ,
Data Protection ,
EU ,
Financial Conduct Authority (FCA) ,
Financial Services Industry ,
General Data Protection Regulation (GDPR) ,
Innovative Technology ,
Intellectual Property Protection ,
Machine Learning ,
Privacy Laws ,
Regulatory Agenda ,
Technology Sector ,
UK ,
White Collar Crimes
On 10 July 2023, the European Commission adopted the adequacy decision for the EU-U.S. Data Privacy Framework (DPF). This decision enables the free flow of personal data from the EU and three EEA countries (Iceland,...more
A new requirement to inform individuals of the exact personal data to be shared with the Administration des Contributions Directes.
The Luxembourg law of 18 December 2015 on the automatic exchange of financial account...more
In the five years since the European Union’s General Data Protection Regulation came into force, what have been the main learnings for business, and what will the future hold?...more
On 6 April 2022, following the announcement of the political agreement on a new EU-US Trans-Atlantic Data Privacy Framework having been reached between the European Commission and the United States on 25 March 2022, the...more
On 10 February 2022, the French supervisory data protection authority (CNIL) announced that it issued a formal notice to a website operator to bring its data processing in relation to audience measurement and analysis in...more
On 1 October 2019, the Court of Justice of the European Union (CJEU) issued its long-awaited decision in the case Planet49 (Case C-673/17). The decision clarifies the requirements for valid cookie consent under Directive...more
10/3/2019
/ Consent ,
Cookies ,
Corporate Counsel ,
Cybersecurity ,
Data Protection ,
EU ,
EU Data Protection Laws ,
European Data Protection Board (EDPB) ,
General Data Protection Regulation (GDPR) ,
Personal Data ,
Popular
The Luxembourg data protection authority (CNPD) has published a list of processing activities triggering a mandatory data protection impact assessment (DPIA) following review by the European Data Protection Board (EDPB)....more
Just before summer recess, Luxembourg Parliament has adopted the law of 1 August 2018 which implements certain parts of the General Data Protection Regulation (GDPR) and repeals the former data protection law of 2 August...more
On 12 September 2017, the Luxembourg Government introduced a bill of law (the Bill) to complement the General Data Protection Regulation EU) 2016/679 (the GDPR). The Bill is planned to enter into force simultaneously with the...more
The challenge and risks -
The topic of cybersecurity is seldom out of the press these days, occupying the minds of business leaders and politicians alike. From a business perspective, the ideal outcome would be to...more
After over three years of discussions at many levels, it is now clear that the proposed EU data protection framework will be revised, and that it will be in the form of a Regulation – the General Data Protection Regulation....more