The first requirements under the EU Artificial Intelligence (AI) Act come into effect on February 2, 2025, banning the use of AI systems that involve prohibited AI practices and requiring providers and deployers of AI systems...more
2/7/2025
/ Artificial Intelligence ,
Data Protection ,
Employee Training ,
EU ,
Facial Recognition Technology ,
Innovative Technology ,
Machine Learning ,
Professional Development ,
Regulation ,
Regulatory Requirements ,
Risk Management ,
Technology Sector
Beginning 17 January 2025, the Digital Operational Resilience Act (DORA) will apply to almost all EU financial entities, including banks, insurers and reinsurers, brokers , payment and electronic money institutions,...more
1/20/2025
/ Cryptoassets ,
Cybersecurity ,
Data Security ,
Digital Operational Resilience Act (DORA) ,
EU ,
Financial Institutions ,
Financial Services Industry ,
Information and Communication Technology (ICT) ,
Information Technology ,
Regulatory Requirements ,
Risk Management
The UK National Cyber Security Centre has published guidance on effective communications in a cyber incident. While targeted at organisations generally, rather than explicitly at pension scheme trustees, the guidance contains...more
Sharing personal data is necessary for most organisations, but it also entails certain data protection risks. Controllers who share personal data with others must, among other obligations, ensure that they comply with the...more
The Automated Vehicles Act 2024 (the "Act") received royal assent on 20 May 2024, two days before the general election was announced and the wash-up period began for the now-dissolved Parliament....more
With the announcement of UK General Election for Thursday 4 July 2024, the Data Protection and Digital Information Bill has not completed the legislative process before the end of the current parliamentary session and will...more
The Information Commissioner's Office (the "ICO") has clarified the methods it will use to calculate the fines it will issue for breaches of data privacy law in the UK by publishing its latest Data Protection Fining Guidance...more
The UK Competition and Markets Authority ("CMA") has announced that three fashion retailers have signed voluntary undertakings to ensure that consumers have a clearer idea of how green their clothes really are. At the end of...more
4/24/2024
/ Advertising ,
Antitrust Provisions ,
Business Strategies ,
Competition ,
Environmental Social & Governance (ESG) ,
False Advertising ,
False Statements ,
Fashion Industry ,
Greenwashing ,
Marketing ,
Retail Market ,
Sustainability ,
UK ,
UK Competition and Markets Authority (CMA)
When the UK Online Safety Act (the "Act") became law on 26 October 2023, it had established one of the most comprehensive online safety regulatory frameworks in the world. The Act's intention is to make the use of online...more
The EU Data Act came into force on January 11, 2024. The Data Act is part of the European Commission’s data strategy released in February 2020 and obliges manufacturers of connected products to make use-related data available...more
A principles-based approach -
The white paper was originally released in March 2023 (see our update here), followed by a 12-week public consultation period which closed in June 2023. After hearing from over 545 different...more
The opinion was issued in response to a request by the French Data Protection Authority and provides guidance on the conditions for determining a controller's main establishment where that controller has establishments in...more
2/29/2024
/ Cybersecurity ,
Data Breach ,
Data Protection ,
Data Protection Authority ,
European Data Protection Board (EDPB) ,
France ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Lead Supervisory Authority ,
New Guidance ,
Personal Data ,
Regulatory Requirements
The Pensions Regulator (TPR) has published a regulatory intervention report outlining how they worked with Capita following a cyber incident last year (see our legal update), and detailing the key steps trustees should take...more
2/14/2024
/ Compensation & Benefits ,
Cybersecurity ,
Data Breach ,
Employee Benefits ,
Employer Liability Issues ,
Financial Services Industry ,
Incident Response Plans ,
Pension Schemes ,
Pensions ,
Popular ,
Retirement Plan ,
Risk Management ,
The Pensions Regulator (TPR) ,
UK
On 23 January 2024, the UK Government announced a call for views and requested feedback from businesses of all sizes across every sector on its draft Cyber Governance Code of Practice (the "Draft Code"). Aimed at directors...more
Intellectual Property -
Generative AI – ongoing impacts -
Since 2022, the popularity and availability of generative AI has continued to grow. It is estimated that 79% of internet users aged 13-17, and 31% of those aged 16...more
On 20 December 2023, the UK Supreme Court unanimously held that UK patent legislation does not permit an AI system to be named as the "inventor" in a patent application. In doing so, the UK Supreme Court reaffirmed earlier...more