In recent weeks, the EU and UK have both introduced changes to their respective versions of Europe’s landmark privacy legislation, the General Data Protection Regulation (GDPR). These reforms mark the first substantial...more
7/11/2025
/ Compliance ,
Cookies ,
Data Privacy ,
Data Protection ,
EU ,
General Data Protection Regulation (GDPR) ,
Member State ,
New Legislation ,
Personal Data ,
Regulatory Agenda ,
Regulatory Reform ,
Regulatory Requirements ,
UK
- On 26 March 2025, the European Health Data Space (EHDS) Regulation entered into force. The regulation establishes a comprehensive framework for health-data sharing and access in the EU, with the dual aim of supporting the...more
6/26/2025
/ Compliance ,
Data Privacy ,
Data Security ,
Data-Sharing ,
Electronic Protected Health Information (ePHI) ,
EU ,
Health Care Providers ,
Healthcare ,
Healthcare Reform ,
Intellectual Property Protection ,
Life Sciences ,
Noncompliance ,
Personal Data ,
Regulatory Agenda ,
Regulatory Requirements ,
Shareholders
After years of regulatory uncertainty, the Trump administration has signaled a new approach to digital assets, including by establishing a working group focused on digital assets and nominating crypto-friendly chairs to the...more
5/6/2025
/ Artificial Intelligence ,
Blockchain ,
CFTC ,
Cryptocurrency ,
Cybersecurity ,
Data Privacy ,
Digital Assets ,
Enforcement Actions ,
Enforcement Priorities ,
FinTech ,
NYDFS ,
Popular ,
Regulatory Agenda ,
Regulatory Requirements ,
Risk Management ,
Securities and Exchange Commission (SEC) ,
State Attorneys General ,
Technology
On April 23 and 24, 2025, regulators, industry leaders and data privacy leaders from across the globe convened in Washington, D.C. for the 2025 International Association of Privacy Professionals (IAPP) Global Privacy Summit....more
5/5/2025
/ Artificial Intelligence ,
California Consumer Privacy Act (CCPA) ,
Corporate Counsel ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Enforcement Actions ,
EU ,
General Data Protection Regulation (GDPR) ,
Machine Learning ,
Privacy Laws ,
Regulatory Agenda ,
Regulatory Requirements ,
State Privacy Laws ,
Technology ,
UK
In its first major initiative, on March 21, 2025, the Federal Communications Commission’s (FCC’s) newly formed Council on National Security (Council) launched an investigation into the “ongoing U.S. operations” of businesses...more
On March 24, 2025, Virginia Gov. Glenn Youngkin vetoed the High-Risk Artificial Intelligence Developer and Deployer Act (House Bill 2094). The bill, which had passed through the Virginia Legislature in February 2025, would...more
3/25/2025
/ Algorithms ,
Artificial Intelligence ,
Corporate Counsel ,
Employment Discrimination ,
New Legislation ,
Regulatory Agenda ,
Regulatory Requirements ,
Risk Management ,
State Legislatures ,
Technology Sector ,
Trump Administration
As Trump administration directives emerge, it’s crucial for businesses and other stakeholders to stay informed and adapt their strategies accordingly. We will provide ongoing coverage of these developments and their potential...more
2/4/2025
/ Affirmative Action ,
Artificial Intelligence ,
Climate Change ,
Cybersecurity ,
Diversity and Inclusion Standards (D&I) ,
Energy Sector ,
Environmental Social & Governance (ESG) ,
Executive Orders ,
Federal Contractors ,
Financial Regulatory Reform ,
Healthcare ,
Intellectual Property Protection ,
International Litigation ,
International Trade ,
Legislative Agendas ,
Life Sciences ,
National Security ,
New Legislation ,
New Regulations ,
OECD ,
Privacy Laws ,
Regulatory Agenda ,
Technology Sector ,
Trade Policy ,
Trump Administration
On January 23, 2025, President Donald Trump issued an executive order titled “Removing Barriers to American Leadership in Artificial Intelligence” (Trump AI Executive Order). The Trump AI Executive Order assigns select...more
Key Points -
- President-elect Trump appointed David Sacks, a venture capitalist, as the White House AI and crypto czar.
- The Trump administration is likely to adopt a light regulatory approach to AI development and...more
1/15/2025
/ Artificial Intelligence ,
Corporate Governance ,
Cryptocurrency ,
Cybersecurity ,
Federal Trade Commission (FTC) ,
Legislative Agendas ,
Machine Learning ,
National Security ,
New Legislation ,
Presidential Appointments ,
Regulatory Agenda ,
State and Local Government ,
Technology Sector ,
Trump Administration
At what point has a director served too long? What about term limits? A mandatory retirement age? When do a director’s skills become stale? These issues are addressed in this issue of The Informed Board, as well as why proxy...more
11/25/2024
/ Acquisitions ,
Artificial Intelligence ,
Board of Directors ,
Corporate Governance ,
Cyber Attacks ,
Cybersecurity ,
Cybersecurity Framework ,
Data Privacy ,
Data Protection ,
Investment ,
Investors ,
Machine Learning ,
Mergers ,
National Security ,
Proxy Season ,
Publicly-Traded Companies ,
Regulatory Agenda ,
Regulatory Requirements ,
Risk Management ,
Securities and Exchange Commission (SEC) ,
Shareholder Activism ,
Technology Sector
In this edition of Insights, we take a closer look at the megadeals and sponsor transactions driving recent M&A activity, the importance of staying ahead of the risks in AI development and deployment, and other diverse...more
9/30/2024
/ Acquisitions ,
Administrative Procedure Act ,
Artificial Intelligence ,
Chevron Deference ,
Corner Post Inc v Board of Governors of the Federal Reserve System ,
Corporate Governance ,
Delaware General Corporation Law ,
Federal Bans ,
Federal Trade Commission (FTC) ,
Final Rules ,
Government Agencies ,
Judicial Authority ,
Loper Bright Enterprises v Raimondo ,
Machine Learning ,
Mergers ,
Non-Compete Agreements ,
Privacy Laws ,
Regulatory Agenda ,
Regulatory Authority ,
Regulatory Requirements ,
SCOTUS ,
SEC v Jarkesy ,
Securities and Exchange Commission (SEC) ,
Shareholder Litigation ,
Shareholders ,
Technology Sector
As AI systems become more complex, companies are increasingly exposed to reputational, financial and legal risks from developing and deploying AI systems that do not function as intended or that yield problematic outcomes....more
9/30/2024
/ Artificial Intelligence ,
Corporate Governance ,
Cybersecurity ,
Data Privacy ,
NIST ,
Popular ,
Privacy Laws ,
Regulatory Agenda ,
Regulatory Requirements ,
Risk Management ,
Technology Sector ,
U.S. Commerce Department
AI has revolutionized the way many businesses operate. Firms in the financial sector are eager to take advantage of rapidly developing technologies but do not want to risk running afoul of relevant Securities and Exchange...more
9/16/2024
/ Artificial Intelligence ,
Broker-Dealer ,
Consumer Financial Products ,
Disclosure Requirements ,
Financial Services Industry ,
Investment Adviser ,
Machine Learning ,
Regulatory Agenda ,
Regulatory Reform ,
Regulatory Requirements ,
Reporting Requirements ,
Securities and Exchange Commission (SEC) ,
Technology Sector
Across industries, companies are facing new and uncertain regulatory pressures and demands in areas including artificial intelligence, sustainability, algorithmic pricing and fintech-bank relations. In this issue of The...more
9/10/2024
/ Algorithms ,
Antitrust Division ,
Artificial Intelligence ,
Banking Sector ,
Board of Directors ,
Competition ,
Corporate Governance ,
Department of Justice (DOJ) ,
Disclosure Requirements ,
Enforcement Actions ,
EU ,
Financial Institutions ,
FinTech ,
Multinationals ,
Price-Fixing ,
Regulatory Agenda ,
Regulatory Requirements ,
Reporting Requirements ,
Risk Management ,
Sustainability ,
Technology Sector ,
UK
As AI systems become more complex, companies are increasingly exposed to reputational, financial and legal risk from developing and deploying AI systems that do not function as intended or that yield problematic outcomes. The...more
9/4/2024
/ Artificial Intelligence ,
Corporate Governance ,
Cybersecurity ,
Data Privacy ,
EU ,
Machine Learning ,
Privacy Laws ,
Regulatory Agenda ,
Regulatory Requirements ,
Risk Assessment ,
Risk Management ,
Technology Sector ,
UK
The Department of Defense (DoD) is currently reviewing and adjudicating the public comments received in response to its proposed regulations implementing its Cybersecurity Maturity Model Certification 2.0 program (CMMC)....more
8/13/2024
/ Aerospace ,
Cybersecurity ,
Cybersecurity Maturity Model Certification (CMMC) ,
Defense Contracts ,
Department of Defense (DOD) ,
False Claims Act (FCA) ,
Federal Contractors ,
National Security ,
NIST ,
Proposed Rules ,
Regulatory Agenda ,
Regulatory Requirements
Tennessee has enacted the Ensuring Likeness, Voice and Image Security (ELVIS) Act, which aims to protect individuals from the use of their persona in connection with “deepfakes” (i.e., fake content generated by artificial...more
4/3/2024
/ Artificial Intelligence ,
Fraud ,
Innovative Technology ,
Intellectual Property Protection ,
Legislative Agendas ,
Machine Learning ,
Music Industry ,
Name and Likeness ,
New Legislation ,
Private Right of Action ,
Regulatory Agenda ,
State and Local Government ,
Technology ,
Tennessee
The Federal Communications Commission (FCC) recently approved a voluntary Internet of Things (IoT) Labeling Program, which allows manufacturers of IoT products to earn the FCC’s approval to display a “U.S. Cyber Trust Mark”...more
3/22/2024
/ Cybersecurity ,
Data Security ,
FCC ,
Internet of Things ,
Internet Retailers ,
Labeling ,
NIST ,
Online Marketplace ,
Popular ,
Regulatory Agenda ,
Telecommunications ,
Wireless Technology
AI in 2024: Monitoring New Regulation and Staying in Compliance With Existing Laws Companies that develop or employ AI tools have to consider proposed AI-specific regulation as well as an array of existing IP, privacy,...more
12/22/2023
/ Acquisitions ,
Artificial Intelligence ,
CFIUS ,
China ,
Cybersecurity ,
Data Privacy ,
Energy Sector ,
EU ,
Intellectual Property Litigation ,
Intellectual Property Protection ,
International Litigation ,
Investment ,
IRS ,
Mergers ,
National Security ,
New Hires ,
New Legislation ,
New Regulations ,
Outer Space ,
Private Equity ,
Regulatory Agenda ,
Securities and Exchange Commission (SEC) ,
Taxation ,
Technology Sector ,
Trade Relations ,
Trade Restrictions ,
UK
On October 10, 2023, California Gov. Gavin Newsom signed into law Senate Bill 362, also known as the Delete Act, allowing California residents to have their personal information deleted by all registered data brokers...more
12/15/2023
/ Audits ,
California ,
California Privacy Protection Agency (CPPA) ,
Compliance ,
Data Brokers ,
Data Deletion ,
Disclosure ,
Fair Credit Reporting Act (FCRA) ,
GLBA Privacy ,
Governor Newsom ,
Gramm-Leach-Blilely Act ,
Health Insurance Portability and Accountability Act (HIPAA) ,
New Legislation ,
Penalties ,
Regulatory Agenda
On 16 October 2023, France’s Data Protection Authority, the National Commission on Informatics and Liberty (CNIL), issued a set of guidelines for complying with the EU General Data Protection Regulation (GDPR) when...more
11/22/2023
/ Artificial Intelligence ,
CNIL ,
Data Protection ,
Data Storage ,
EU ,
General Data Protection Regulation (GDPR) ,
New Guidance ,
Personal Data ,
Privacy Laws ,
Regulatory Agenda ,
Regulatory Reform ,
Technology ,
UK
On October 30, the U.S. government released its long-awaited, sweeping executive order (the AI EO or Order) on artificial intelligence (AI). The Order directs various U.S. government departments and agencies to evaluate AI...more
11/6/2023
/ Artificial Intelligence ,
Biden Administration ,
Compliance ,
Copyright ,
Corporate Governance ,
Cybersecurity ,
Data Privacy ,
Data Security ,
Executive Orders ,
Healthcare ,
Innovative Technology ,
Intellectual Property Protection ,
Legislative Agendas ,
Life Sciences ,
Machine Learning ,
National Security ,
Popular ,
Regulatory Agenda ,
Regulatory Reform ,
Regulatory Requirements ,
Technology Sector
On September 20, 2023, the U.S. Department of Homeland Security released a report outlining the varied and sometimes conflicting reporting requirements that private entities face when they are victims of a cyber incident. The...more
10/17/2023
/ CIRC ,
Corporate Governance ,
Cyber Incident Reporting ,
Cybersecurity ,
Department of Homeland Security (DHS) ,
Legislative Agendas ,
Popular ,
Public-Private Entities ,
Regulatory Agenda ,
Reporting Requirements ,
Securities and Exchange Commission (SEC)
On January 3, 2023, the Board of Governors of the Federal Reserve System (Federal Reserve), the Federal Deposit Insurance Corporation (FDIC), and the Office of the Comptroller of the Currency (OCC) issued a Joint Statement on...more
1/6/2023
/ Banks ,
Cryptoassets ,
Cryptocurrency ,
Enforcement ,
Federal Reserve ,
Financial Services Industry ,
Joint Statements ,
Non-Bank Lenders ,
OCC ,
Regulatory Agenda ,
Risk Factors
In this month’s Privacy & Cybersecurity Update, we examine the California Privacy Protection Agency’s revised draft regulations for the California Privacy Rights Act, the Federal Trade Commission’s settlement with a...more
12/6/2022
/ California Privacy Rights Act (CPRA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Direct Marketing ,
Electronic Communications ,
Enforcement ,
Federal Trade Commission (FTC) ,
Notice Requirements ,
Opt-Outs ,
Personally Identifiable Information ,
Popular ,
Proposed Regulation ,
Regulatory Agenda ,
Rulemaking Process ,
UK