The European Commission has released a new template for summarizing training data used in general-purpose artificial intelligence ("AI") models, as part of its broader AI regulatory framework....more
As the national implementation deadline for the NIS 2 EU Directive is over, businesses in scope should ensure they will soon be ready to comply with the strengthened cybersecurity requirements....more
On 22 December 2023, the Regulation on harmonized rules on fair access to and use of data ("Data Act") was published in the EU's Official Journal. The Data Act lays down rules on fair access to and use of personal and...more
Across multiple continents and industries, artificial intelligence ("AI") is a topic of intense focus by governments, research institutions, investors, and corporations—from start-ups to well-established industry players. As...more
The Council of the European Union ("EU") adopted a new Directive to strengthen cybersecurity and resilience across the Union. -
Following the European Parliament's approval on November 10, 2022, the Council of the European...more
On September 15, 2022, the European Commission ("EU") published a proposal for a Cyber Resilience Act, the first EU-wide legislation introducing a single set of cybersecurity rules for hardware and software products placed in...more
The Situation: On October 6, 2020, the Court of Justice of the European Union ("CJEU") held that the national security laws of the United Kingdom, France, and Belgium, which each require that providers of electronic...more
11/6/2020
/ Court of Justice of the European Union (CJEU) ,
Cybersecurity ,
Data Protection ,
Data Retention ,
Data Security ,
e-Privacy Directive ,
Electronic Communications ,
EU-US Privacy Shield ,
International Data Transfers ,
Location Data ,
Member State ,
National Security ,
Standard Contractual Clauses
This week, the European Commission published white papers detailing its strategies regarding the use of data and artificial intelligence ("AI"). Several additional reports accompany the white papers and cover topics such as...more
The Situation: On December 18, 2018, the European Union published its European Electronic Communication Code ("Code").
The Result: The Code overhauls the current legislative framework for telecommunications with the aim of...more
The Situation: On September 5, 2018, Belgium published two laws that implement the Belgian requirements under Regulation 21016/679, the General Data Protection Regulation ("GDPR").
The Details: The two laws include the Law...more
Whistleblowers who expose breaches of European Union law will be afforded greater protection from retaliation by companies and public authorities under a draft law proposed by the European Commission in April 2018. The draft...more
4/27/2018
/ Anti-Corruption ,
Corporate Governance ,
Data Protection ,
Employer Liability Issues ,
EU ,
European Commission ,
General Data Protection Regulation (GDPR) ,
Sarbanes-Oxley ,
Trade Secrets ,
Whistleblower Protection Policies ,
Whistleblowers ,
White Collar Crimes
The Situation: To strengthen cross-border cooperation in investigations, the European Commission has proposed legislation allowing EU Member State authorities to access, directly from services providers, electronic evidence...more
4/26/2018
/ CLOUD Act ,
Criminal Investigations ,
Data Protection ,
Discovery ,
e-Discovery Professionals ,
Electronically Stored Information ,
EU ,
EU Data Protection Laws ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
International Litigation ,
Proposed Regulation ,
Third Country Entities (TCEs)
On December 28, 2016, the New York Department of Financial Services ("DFS") released a revised version of a proposed regulation that would require banks, insurance companies, and other financial services institutions...more
3/15/2017
/ Actual Injuries ,
Advertising ,
Argentina ,
Australia ,
Banks ,
Belgium ,
Big Data ,
Canada ,
China ,
Class Action ,
Colombia ,
Connected Items ,
Consumer Protection Act ,
Controlled Unclassified Information (CUI) ,
Credit Cards ,
Critical Infrastructure Sectors ,
Cybersecurity ,
Cybersecurity Framework ,
Data Breach ,
Data Protection ,
Data Protection Authority ,
Data Security ,
Databases ,
Department of Homeland Security (DHS) ,
Department of Transportation (DOT) ,
Email Policies ,
ENISA ,
EU ,
EU Data Protection Laws ,
Fair Credit Reporting Act (FCRA) ,
Federal Breach Notification Standard ,
Federal Trade Commission (FTC) ,
FinTech ,
France ,
Fraud ,
General Data Protection Regulation (GDPR) ,
Germany ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Hong Kong ,
Information Sharing ,
International Data Transfers ,
Investigatory Powers Act 2016 ,
Italy ,
Japan ,
Mexico ,
National Security ,
Netherlands ,
NIST ,
NYDFS ,
OCIE ,
Personally Identifiable Information ,
Popular ,
Privacy Laws ,
SEC Examination Priorities ,
Securities and Exchange Commission (SEC) ,
Settlement Agreements ,
Singapore ,
Spain ,
Spokeo ,
Standing ,
State Data Breach Notification Statutes ,
Swiss Privacy Shield ,
Switzerland ,
TCPA ,
Telemarketing ,
UK ,
V2V ,
Web Tracking