In a decision with significant legal and operational ramifications for organisations of all shapes and sizes, the Court of Justice of the European Union (CJEU) last week confirmed that pseudonymised data will not always and...more
9/9/2025
/ Court of Justice of the European Union (CJEU) ,
Data Controller ,
Data Privacy ,
Data Processing Rules ,
Data Protection ,
Data Protection Impact Assessments (DPIAs) ,
Data Transfers ,
EDPS ,
EU ,
European Court of Justice (ECJ) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Regulatory Requirements ,
Transparency
Although they do not focus the minds of many organisations in the same way as multi-million euro enforcement actions, the importance of low-value, non-material damages claims under the GDPR has gathered steam since the...more
8/28/2025
/ Appeals ,
Appellate Courts ,
Court of Justice of the European Union (CJEU) ,
Damages ,
Data Breach ,
Data Privacy ,
Data Protection ,
Emotional Distress Damages ,
General Data Protection Regulation (GDPR) ,
Personal Data ,
Privacy Laws ,
UK GDPR
As businesses and individuals in the UK continue to explore the possibilities offered by artificial intelligence, it should come as no surprise that the Government has also embraced AI. Increasing productivity in the civil...more
On June 22, 2025, Texas enacted the Texas Responsible Artificial Intelligence Governance Act (“TRAIGA”), putting it at the forefront of state-level AI regulation in the United States. TRAIGA becomes effective January 1, 2026....more
6/25/2025
/ Artificial Intelligence ,
Biometric Information ,
Compliance ,
Deep Fake ,
Disclosure Requirements ,
Enforcement ,
Enforcement Actions ,
Government Agencies ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
New Legislation ,
NIST ,
Penalties ,
Regulatory Requirements ,
Risk Management ,
Texas
Earlier this month, the European Commission released AI Literacy – Questions & Answers. The Q&As are a useful primer — both for organisations at the start of their literacy journey and those that, having taken steps to...more
5/21/2025
/ AI Act ,
Artificial Intelligence ,
Compliance ,
Corporate Counsel ,
Employees ,
Enforcement Actions ,
EU ,
Regulatory Oversight ,
Regulatory Requirements ,
Risk Management ,
Training
On this episode of the R&G Tech Studio podcast, Rohan Massey, a leader of Ropes & Gray’s data, privacy and cybersecurity practice, is joined by data, privacy and cybersecurity counsel Edward Machin to discuss the AI literacy...more
Our clients are at the forefront of many of the developments covered by the report. That said, I couldn’t help thinking that the report overlooked a law that takes effect in less than six months’ time and which will have...more
On 30 November 2022, OpenAI made its ChatGPT generative artificial intelligence chatbot publicly available. In the two years since, its unprecedented growth has fostered a dramatic shift in public attention to and interest in...more