Cybersecurity breaches originating from third-party providers (TPPs) are an escalating concern for Australian businesses. As supply chain risks grow, there is a mounting public expectation that the entity that commissioned...more
8/5/2025
/ Australia ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
New Legislation ,
Personal Data ,
Privacy Laws ,
Regulatory Requirements ,
Risk Management ,
Supply Chain ,
Third-Party
Politicians’ and tech giants’ embrace of nuclear energy to power AI heightens the urgency to protect critical infrastructure from cyber threats....more
The mining sector is increasingly at risk from cyber attacks, and many companies are racing to defend themselves against the backdrop of a rapidly changing threat landscape. Ross Phillipson and Anna Rudawski explore what is...more
Concerns about claims of legal professional privilege over third-party investigation reports produced in the course of responding to cyberattacks, and the extent to which such reports can be shielded from disclosure in legal...more
4/23/2025
/ Attorney-Client Privilege ,
Australia ,
Class Action ,
Cyber Attacks ,
Data Breach ,
Disclosure Requirements ,
Discovery ,
Healthcare ,
Insurance Industry ,
Litigation Strategies ,
Popular ,
Privacy Laws
Established under the Cyber Security Act 2024 (the ‘Act’), the Cyber Security (security standards for smart devices) Rules 2025 (the ‘Rules’) set out the requirements for three security standards introduced to enhance the...more
The Artificial Intelligence Act (AI Act) is the world's first comprehensive legal framework for AI regulation, which entered into force on August 1, 2024. The AI Act aims to ensure that AI systems are trustworthy, safe and...more
4/1/2025
/ AI Act ,
Artificial Intelligence ,
Cyber Attacks ,
Cybersecurity ,
Data Security ,
Enforcement ,
EU ,
European Commission ,
Regulatory Requirements ,
Risk Assessment ,
Risk Management ,
Technology Sector
The integration of AI in the workplace is revolutionising HR. From recruitment to performance analysis, AI use cases can streamline HR processes and enhance productivity. However, the deployment of AI by employers also brings...more
3/18/2025
/ AI Act ,
Artificial Intelligence ,
Bias ,
Employees ,
Employer Liability Issues ,
Employment Policies ,
EU ,
Human Resources Professionals ,
Regulatory Requirements ,
Risk Management ,
Technology Sector ,
UK
What are we really talking about and what are the legal implications under the EU AI Act?
The rapid evolution of artificial intelligence (AI) has led to significant opportunities and challenges, especially in the realm of...more
The European Union Artificial Intelligence Act (AI Act) entered into force on 1 August 2024. The AI Act establishes a risk-based approach to AI, prohibiting certain practices that are deemed unacceptable, such as social...more
2/6/2025
/ Artificial Intelligence ,
Compliance ,
Data Protection ,
Enforcement Actions ,
EU ,
European Commission ,
Healthcare ,
Regulation ,
Regulatory Requirements ,
Risk Management ,
Technology Sector
The Western Australian District Court’s recent decision in Mobius Group Pty Ltd v Inoteq Pty Ltd1 highlights the potential consequence for the innocent party where fraudulent changes in bank details are sent from their...more
1/15/2025
/ Australia ,
Business E-Mail Compromise (BEC) ,
Commercial Litigation ,
Compliance ,
Cybersecurity ,
Data Privacy ,
Data Security ,
Duty of Care ,
Email ,
Financial Institutions ,
FinTech ,
Fraud ,
Risk Management ,
Technology
Cyber issues are seldom out of the news, from ransomware attacks and espionage to non-malicious outages that cause widespread concern. Organizations need to protect themselves against both current and future risks and...more
12/16/2024
/ Artificial Intelligence ,
Cyber Attacks ,
Cyber Incident Reporting ,
Cyber Threats ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Incident Response Plans ,
Information Technology ,
Machine Learning ,
Ransomware ,
Risk Assessment ,
Risk Management
On December 16, 2024, the new Cybersecurity Maturity Model Certification (CMMC) 2.0 program from the U.S. Department of Defense (DoD) will go into effect. CMMC 2.0 aims to improve cybersecurity standards within the defense...more
12/16/2024
/ Certification Requirements ,
Compliance ,
Controlled Unclassified Information (CUI) ,
Cybersecurity ,
Cybersecurity Maturity Model Certification (CMMC) ,
Department of Justice (DOJ) ,
Dodd-Frank ,
False Claims Act (FCA) ,
Federal Contractors ,
Flow Down Clause ,
Proposed Rules ,
Regulatory Agenda ,
Remediation ,
Subcontractors
Companies deploying high-risk artificial intelligence (AI) systems must prepare to conduct Fundamental Rights Impact Assessment (FRIA) by 2 August 2026. In this edition of our “Zooming in on AI” series we explain what this...more
When the AI Act was first proposed by the European Commission in 2021, the concept of “general purpose AI” was nowhere to be found. These rules were introduced during the legislative process to align the AI Act to the...more
The Office of the Australian Information Commissioner (OAIC) has published AI guidance articulating how Australian privacy law applies to AI and the OAIC’s overall expectations on AI governance and privacy safeguards for...more
11/19/2024
/ Artificial Intelligence ,
Australia ,
Data Collection ,
Due Diligence ,
Information Commissioner's Office (ICO) ,
Machine Learning ,
New Guidance ,
Personal Information ,
Privacy Laws ,
Risk Management ,
Technology Sector ,
Transparency
The EU Artificial Intelligence Act (“AI Act”) exemplifies a highly advanced risk-based approach to European regulation. One of its distinguishing features is the detailed classification of various risk levels associated with...more
11/12/2024
/ Artificial Intelligence ,
Digital Services ,
EU ,
European Commission ,
General Data Protection Regulation (GDPR) ,
Machine Learning ,
Privacy Laws ,
Regulatory Agenda ,
Regulatory Requirements ,
Risk Management ,
Technology Sector ,
Transparency
Companies deploying high-risk artificial intelligence (AI) systems must prepare to navigate a complex landscape of new obligations by August 2, 2026. In this post we explain the key obligations for providers and deployers of...more
10/30/2024
/ Artificial Intelligence ,
Automated Systems ,
Data Protection ,
Distributors ,
EU ,
EU Data Protection Laws ,
General Data Protection Regulation (GDPR) ,
Importers ,
Regulatory Agenda ,
Regulatory Oversight ,
Regulatory Requirements ,
Reporting Requirements ,
Risk Management ,
Technology Sector ,
Transparency
AI-driven technology has emerged as a cornerstone of our present and future daily lives, revolutionising the way transactions and interactions are organised.
With the increased use of AI systems, there is also an...more
10/22/2024
/ Artificial Intelligence ,
Corporate Governance ,
Data Protection ,
EU ,
Machine Learning ,
Privacy Laws ,
Regulatory Agenda ,
Regulatory Requirements ,
Risk Management ,
Stakeholder Engagement ,
Technology Sector
On October 9 2024, the Australian Government introduced into Parliament the Cyber Security Legislative Package to implement several initiatives under the 2023-2030 Australian Cyber Security Strategy, which includes the...more
Aiming to bolster the security and resilience of critical infrastructures in Australia, the Australian Government introduced the Security of Critical Infrastructure and Other Legislation Amendment (Enhanced Response and...more
The Cyber Security Bill 2024 ("Cyber Bill") tabled in the Australian Federal Parliament yesterday is set to bring significant changes to the cyber security landscape in Australia....more
10/10/2024
/ Australia ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Information Governance ,
Information Technology ,
Pending Legislation ,
Ransomware ,
Regulatory Agenda ,
Regulatory Reform
After nearly five years of review, the first tranche of amendments to Australia’s Privacy Act has landed (Privacy and Other Legislation Amendment Bill 2024 (Cth) (Bill)). The Bill introduces 23 of the 25 legislative proposals...more
The Artificial Intelligence Act (AI Act) entered into force on 1 August 2024 and is the world's first comprehensive legal framework for AI regulation. As companies start incorporating AI tools into their business, products...more
On June 4, 2024, an Australian mining company which focuses on heavy rare earth elements disclosed a cyber incident to the Australian Securities Exchange (ASX). The previous day (Monday June 3, 2024), Australian Treasurer Jim...more
7/1/2024
/ Artificial Intelligence ,
Australia ,
Cyber Incident Reporting ,
Cybersecurity ,
Disclosure Requirements ,
Foreign Investment ,
Geopolitical Risks ,
Investment ,
Investors ,
Mining ,
Technology