On January 14, 2025, the UK government unveiled a proposed framework aimed at combating the rise of ransomware attacks by implementing a payment prevention and reporting regime. This would require companies to not only report...more
In the last month, Ofcom, the regulator tasked with enforcing the UK’s Online Safety Act (OSA), has published guidance enacting requirements under the OSA to carry out illegal harms risk assessments and children’s access...more
Starting January 17, 2025, the Digital Operational Resilience Act (DORA) will require financial entities and their critical information and communication technology (ICT) service providers to comply with enhanced...more
On December 8, 2023, the EU finally agreed on the world’s first comprehensive legal framework on AI: the AI Act. EU lawmakers reached a political agreement on a series of controversial issues after record-long negotiations....more
On September 21, 2023, the UK Government announced the establishment of the “UK-US data bridge” (the Bridge), also known as the UK Extension to the EU-U.S. Data Privacy Framework (the DPF). The announcement promises to...more
On July 10, 2023, the European Commission (EC) adopted an adequacy decision in relation to the EU-U.S. Data Privacy Framework (DPF). This paves the way for organizations to certify to the DPF, reducing friction for transfers...more
On June 28, 2023, the European Commission (EC) published a Proposal for a Regulation on Financial Data Access (FIDA). FIDA aims to create a framework through which data holders (e.g., banks, credit institutions) share the...more
In Europe, recent advances in artificial intelligence (AI) have given rise to intense debate over how this technology should be regulated. Companies that have developed AI tools, or who are considering implementing AI, should...more
6/16/2023
/ Algorithms ,
Artificial Intelligence ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
EU ,
Machine Learning ,
Privacy Laws ,
Technology Sector ,
UK
On January 12, 2023, the Court of Justice of the European Union (CJEU) ruled that the data subject’s right of access to personal data requires controllers to provide the data subject with the identity of the companies that...more
2/2/2023
/ Corporate Counsel ,
Court of Justice of the European Union (CJEU) ,
Data Privacy ,
Data Processors ,
Data Protection ,
Data Protection Officers (DPOs) ,
EU ,
EU Data Protection Laws ,
General Data Protection Regulation (GDPR) ,
Personal Data ,
Personally Identifiable Information
On October 7, 2022, President Biden signed an Executive Order (Order) on Enhancing Safeguards for United States Signals Intelligence Activities. This marks the latest step towards the new EU-U.S. Data Privacy Framework...more
On December 15, 2020, the European Commission (EC) unveiled a set of proposals to regulate digital platforms. The draft laws include antitrust-related requirements, addressed by the Digital Markets Act (DMA) and more general...more
The COVID-19 virus outbreak poses serious challenges to businesses operating globally, including in Europe. In response to the outbreak, governments worldwide are taking increasingly severe measures to fight the pandemic, and...more
3/26/2020
/ Coronavirus/COVID-19 ,
Corporate Counsel ,
Data Privacy ,
Data Processors ,
Data Protection ,
Data Security ,
Data Subject Access Requests ,
EU ,
General Data Protection Regulation (GDPR) ,
Information Security ,
Personal Data ,
Privacy Laws