The EU AI Act (AI Act), effective since February 2025, introduces a risk-based regulatory framework for AI systems and a parallel regime for general-purpose AI (GPAI) models. It imposes obligations on various actors,...more
On June 26, 2025, the UK government brought into force the Public Interest Disclosure (Prescribed Persons) (Amendment) Order 2025 (the “2025 Amendment”), marking a notable development in the UK government’s sanctions...more
7/7/2025
/ Corporate Counsel ,
Disclosure Requirements ,
Economic Sanctions ,
Enforcement ,
Financial Institutions ,
HM Treasury ,
New Legislation ,
Reporting Requirements ,
UK ,
Whistleblower Protection Policies ,
Whistleblowers
The NIS 2 Directive requires a wide range of in-scope organizations to adopt robust cybersecurity measures and incident response plans....more
11/5/2024
/ Compliance ,
Cyber Threats ,
Cybersecurity ,
Employee Training ,
Enforcement ,
EU ,
European Commission ,
Fines ,
General Data Protection Regulation (GDPR) ,
Incident Response Plans ,
Penalties ,
Reporting Requirements ,
Supply Chain
New UK enforcement body goes live and new powers granted to existing body, regulating those doing business in the UK.
UK trade sanctions enforcement risks are set to increase on October 10, 2024, as two government agencies...more
10/11/2024
/ Aviation Industry ,
Economic Sanctions ,
Enforcement ,
Export Controls ,
Financial Institutions ,
Financial Services Industry ,
HMRC ,
National Crime Agency (NCA) ,
Office of Financial Sanctions Implementation (OFSI) ,
Penalties ,
Reporting Requirements ,
Sanction Violations ,
Shipping ,
UK
U.S. companies can now self-certify to permit personal data to freely flow from the Europe to the United States.
U.S. organizations can now self-certify their compliance with the EU-U.S. Data Privacy Framework (DPF) to...more
7/27/2023
/ BCRs ,
Data Integrity ,
Data Privacy ,
Data Security ,
Department of Transportation (DOT) ,
Enforcement ,
EU-US Privacy Shield ,
European Economic Area (EEA) ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Self-Certification ,
Standard Contractual Clauses ,
U.S. Commerce Department ,
US-EU Safe Harbor Framework
American Data Privacy and Protection Act would require organizations to limit collection of personal information, grant consumers access to their own data, enhance data protections for children, mandate implementation of...more
7/11/2022
/ California Consumer Privacy Act (CCPA) ,
Corporate Counsel ,
Data Privacy ,
Data Protection ,
Enforcement ,
Federal Data Privacy ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Personal Information ,
Privacy Policy ,
Private Right of Action ,
Proposed Legislation ,
Small Business ,
Third-Party Service Provider
A recent survey of over 1,200 of the top mobile apps in 19 countries by the Global Privacy Enforcement Network ("GPEN") has found that 85% of the apps reviewed were non-compliant, failing to provide even the most basic...more