The UK government has set ambitious goals in the realm of artificial intelligence (AI) and data infrastructure since the 2024 general election, with further significant announcements and commitments to follow. Businesses...more
The European Accessibility Act (“EAA”) (Directive (EU) 2019/882) introduces new accessibility requirements that will apply to a wide range of products and services when they are accessible in the EU, aiming to enhance access...more
A recent update to EU consumer law will require many businesses selling online to offer a simpler, more accessible way for customers to cancel contracts within the standard 14-day cooling-off period....more
7/17/2025
/ Cancellation Rights ,
Consumer Contracts ,
Consumer Protection Laws ,
Contract Terms ,
Corporate Counsel ,
E-Commerce ,
EU ,
EU Directive ,
New Regulations ,
Regulatory Requirements ,
Websites
The EU AI Act (AI Act), effective since February 2025, introduces a risk-based regulatory framework for AI systems and a parallel regime for general-purpose AI (GPAI) models. It imposes obligations on various actors,...more
The CRA will affect a broad range of digital products placed on the EU market (including by those based outside the EU), including connected hardware/devices, software and remote data processing solutions. The EU has adopted...more
4/16/2025
/ Cybersecurity ,
Data Processors ,
Digital Operational Resilience Act (DORA) ,
Distributors ,
EU ,
General Data Protection Regulation (GDPR) ,
Hardware ,
Importers ,
Manufacturers ,
New Legislation ,
Popular ,
Regulatory Requirements ,
Risk Assessment ,
Software ,
Supply Chain
Quantum computing (QC) is poised to disrupt cybersecurity in ways that business leaders and legal professionals cannot afford to ignore. But what exactly is quantum computing, why does it pose such a significant threat to...more
4/1/2025
/ Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Encryption ,
EU ,
National Security ,
NIST ,
Popular ,
Risk Management ,
Technology Sector
The AI Action Summit brought together a wide-ranging assembly of influential figures to discuss the future of artificial intelligence (AI) governance, risk mitigation and international cooperation. The attendees included...more
2/17/2025
/ Artificial Intelligence ,
China ,
EU ,
Innovative Technology ,
International Trade ,
Investment ,
Machine Learning ,
Regulatory Agenda ,
Risk Management ,
Sustainability ,
Technology Sector ,
UK
The first binding obligations of the European Union’s landmark AI legislation, the EU AI Act (the Act), came into effect on February 2, 2025. Essentially, from this date, AI practices which present an unacceptable level of...more
2/4/2025
/ Artificial Intelligence ,
Biometric Information ,
Data Privacy ,
Data Protection ,
EU ,
European Data Protection Board (EDPB) ,
Facial Recognition Technology ,
General Data Protection Regulation (GDPR) ,
Privacy Laws ,
Regulatory Requirements ,
Risk Management
The NIS 2 Directive requires a wide range of in-scope organizations to adopt robust cybersecurity measures and incident response plans....more
11/5/2024
/ Compliance ,
Cyber Threats ,
Cybersecurity ,
Employee Training ,
Enforcement ,
EU ,
European Commission ,
Fines ,
General Data Protection Regulation (GDPR) ,
Incident Response Plans ,
Penalties ,
Reporting Requirements ,
Supply Chain
Recent decisions by the French data protection authority (CNIL) have highlighted the importance of GDPR compliance, particularly in the areas of data retention, consent for processing sensitive personal data, and marketing...more
10/15/2024
/ CNIL ,
Consent ,
Consumer Privacy Rights ,
Corporate Counsel ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Protection Authority ,
Data Retention ,
Enforcement Actions ,
EU ,
France ,
General Data Protection Regulation (GDPR) ,
Personal Data ,
Sensitive Personal Information
In a landmark moment for global AI governance, the United States, European Union and United Kingdom have signed the Council of Europe’s framework convention on artificial intelligence and human rights, democracy, and the rule...more
9/17/2024
/ Artificial Intelligence ,
Ethics ,
EU ,
Human Rights ,
Innovative Technology ,
International Treaties ,
Machine Learning ,
Regulatory Agenda ,
Treaties ,
UK ,
United States
The agreed text of the AI Act was published on July 12, 2024, essentially starting the clock on the legal deadlines contained in it. Its obligations will apply in tiered phases, with the first key obligations being enforced...more
7/22/2024
/ Artificial Intelligence ,
Compliance ,
Corporate Counsel ,
Cybersecurity ,
Distributors ,
EU ,
Exemptions ,
Imports ,
Information Governance ,
Machine Learning ,
Manufacturers ,
Recordkeeping Requirements ,
Risk Assessment ,
Supply Chain
The FCC’s recent introduction of a new Voluntary Cybersecurity Labelling Program for consumer Internet of Things (IoT) products reflects the continued desire by U.S. regulators to bolster the security of the ever-increasing...more
4/10/2024
/ Compliance ,
Cybersecurity ,
Data Security ,
Distributors ,
EU ,
Imports ,
Internet ,
Internet of Things ,
Manufacturers ,
Regulatory Standards ,
Telecommunications ,
UK
Electronic identification and trust services (eIDAS) refer to a range of services that include verifying the identity of individuals and businesses online and verifying the authenticity of electronic documents. Since 2014,...more
On March 13, 2024, the EU Parliament voted to pass the EU’s much-discussed AI Act (with 523 votes in favor, 46 against and 49 abstentions). For an insight into the AI Act’s progression through the EU lawmaking system, see our...more
The Council of the European Union and the European Parliament reached a provisional agreement on a new comprehensive regulation governing AI, known as the “AI Act,” late on Friday night (December 8, 2023). While the final...more
The European Union (EU) has made steady progress in shaping its proposed AI law, known as the “AI Act.” With the European Parliament approving its preferred version, the AI Act has now entered the final stage of the...more
On March 24, 2022, the EU Parliament and Council negotiators agreed on the wording of new EU rules to limit the market power of big online platforms. The EU Digital Markets Act (DMA) will prohibit certain practices used by...more
Despite months of posturing and growing geopolitical tensions, Russia’s full-scale invasion of Ukraine this week was a shock to the global community. Western leaders have been swift and unanimous in their response, condemning...more
2/28/2022
/ Anti-Money Laundering ,
Asset Freeze ,
Biden Administration ,
Bureau of Industry and Security (BIS) ,
ECCNs ,
Economic Sanctions ,
EU ,
Executive Orders ,
Export Administration Regulations (EAR) ,
General Licenses ,
Office of Foreign Assets Control (OFAC) ,
Russia ,
SDN List ,
UK ,
Ukraine
Initial Global Sanctions on Russia in Response to Events in Eastern Ukraine - In response to President Putin’s televised recognition of Donetsk and Luhansk People’s Republics (“DNR” and “LNR”) of Ukraine as “independent”...more
The European Data Protection Board (EDPB), the body which represents EU data protection authorities, has adopted guidelines (Guidelines) confirming when transfers need to be “safeguarded” in accordance with the GDPR (and...more
This week the European Data Protection Board (EDPB), a body that represents European data protection authorities, set up a new cookie banner taskforce. The new taskforce will coordinate the response to over 400 complaints...more
With artificial intelligence (AI) becoming more are more embedded in our everyday lives, there has been a corresponding need for regulations that foster AI development and adoption in a responsible manner. The question is how...more
The European Union Court of Justice (“CJEU”) to rule on the validity of Model Contractual Clauses (“MCCs”) following referral by the Irish High Court.
The Irish High Court has “well-founded” concerns that there is no...more
11/17/2017
/ Court of Justice of the European Union (CJEU) ,
Cybersecurity ,
Data Protection ,
Data Protection Authority ,
EU ,
EU Data Protection Laws ,
European Economic Area (EEA) ,
FISA ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Model Clauses
The Office of Financial Sanctions Implementation ramps up enforcement activities in London -
A new UK sanctions enforcement body with added civil enforcement tools is ramping up activities. ...more
11/1/2017
/ Economic Sanctions ,
EU ,
Financial Institutions ,
HM Treasury ,
International Finance ,
Office of Financial Sanctions Implementation (OFSI) ,
Office of Foreign Assets Control (OFAC) ,
Policing and Crime Act 2017 ,
U.S. Treasury ,
UK ,
Voluntary Disclosure