William Ridgway

William Ridgway

Skadden, Arps, Slate, Meagher & Flom LLP

Contact

Readers' Choice Awards

Cybersecurity
Cybersecurity
View Bio
RSS

Latest Posts › Regulatory Requirements

Share:

The Last Piece of DORA Falls Into Place: 10 Lessons From the First Six Months

- What is new: The EU’s Delegated Regulation on Subcontracting has come into force, completing the legal framework of the Digital Operational Resilience Act (DORA). Attention will now turn to enforcement. - Why it matters:...more

7/24/2025  /  Compliance , Corporate Counsel , Cybersecurity , Digital Operational Resilience Act (DORA) , Enforcement Actions , EU , Financial Services Industry , Incident Response Plans , Regulatory Requirements , Risk Management

Something Is Better Than Nothing: UK and EU GDPR Reform Finally Arrives

In recent weeks, the EU and UK have both introduced changes to their respective versions of Europe’s landmark privacy legislation, the General Data Protection Regulation (GDPR). These reforms mark the first substantial...more

7/11/2025  /  Compliance , Cookies , Data Privacy , Data Protection , EU , General Data Protection Regulation (GDPR) , Member State , New Legislation , Personal Data , Regulatory Agenda , Regulatory Reform , Regulatory Requirements , UK

The EU’s New Cybersecurity Law for the Space Sector

On 25 June 2025, the European Commission announced its proposal for a “Space Act” that would introduce a new regulatory framework for EU space activities. The proposed framework includes cyber-resilience obligations for EU...more

7/9/2025  /  Compliance , Cybersecurity , Data Privacy , Enforcement , EU , National Security , Outer Space , Privacy Laws , Proposed Legislation , Regulatory Requirements , Reporting Requirements , Risk Management

The European Health Data Space – What EU Health Care Providers and Data Holders Need To Know

- On 26 March 2025, the European Health Data Space (EHDS) Regulation entered into force. The regulation establishes a comprehensive framework for health-data sharing and access in the EU, with the dual aim of supporting the...more

6/26/2025  /  Compliance , Data Privacy , Data Security , Data-Sharing , Electronic Protected Health Information (ePHI) , EU , Health Care Providers , Healthcare , Healthcare Reform , Intellectual Property Protection , Life Sciences , Noncompliance , Personal Data , Regulatory Agenda , Regulatory Requirements , Shareholders

Texas Charts New Path on AI With Landmark Regulation

Texas has become the second state, after Colorado, to enact omnibus legislation regulating artificial intelligence (AI) systems. On June 22, 2025, Texas Gov. Greg Abbott signed into law the Texas Responsible Artificial...more

6/24/2025  /  Artificial Intelligence , Biometric Information , Corporate Counsel , Data Privacy , Disclosure Requirements , Enforcement Actions , Government Agencies , Legislative Agendas , New Legislation , Regulatory Requirements , State and Local Government , State Attorneys General , Technology , Texas

EU Data Act: Three Months To Go Before New Rules on Data Access and Sharing Take Effect

Executive Summary - The EU Data Act, whose requirements apply from 12 September 2025, establishes new rights for businesses and consumers to access data they generated using “connected devices,” limiting the exclusive...more

6/24/2025  /  Cloud Computing , Competition , Contract Terms , DATA Act , Data Privacy , Data Protection , Data-Sharing , Enforcement , EU , General Data Protection Regulation (GDPR) , New Legislation , Regulatory Requirements , UK

Cybersecurity Trends in the Digital Asset Space

After years of regulatory uncertainty, the Trump administration has signaled a new approach to digital assets, including by establishing a working group focused on digital assets and nominating crypto-friendly chairs to the...more

5/6/2025  /  Artificial Intelligence , Blockchain , CFTC , Cryptocurrency , Cybersecurity , Data Privacy , Digital Assets , Enforcement Actions , Enforcement Priorities , FinTech , NYDFS , Popular , Regulatory Agenda , Regulatory Requirements , Risk Management , Securities and Exchange Commission (SEC) , State Attorneys General , Technology

Key Themes From the 2025 IAPP Global Privacy Summit

On April 23 and 24, 2025, regulators, industry leaders and data privacy leaders from across the globe convened in Washington, D.C. for the 2025 International Association of Privacy Professionals (IAPP) Global Privacy Summit....more

5/5/2025  /  Artificial Intelligence , California Consumer Privacy Act (CCPA) , Corporate Counsel , Cybersecurity , Data Privacy , Data Protection , Enforcement Actions , EU , General Data Protection Regulation (GDPR) , Machine Learning , Privacy Laws , Regulatory Agenda , Regulatory Requirements , State Privacy Laws , Technology , UK

Eight-State Consortium of Privacy Regulators Marks Shift Toward Coordinated Enforcement

In a major development for businesses subject to state data privacy laws, eight state privacy regulators have joined forces to form the “Consortium of Privacy Regulators,” a bipartisan coalition aimed at coordinating...more

5/5/2025  /  California Privacy Protection Agency (CPPA) , Consumer Privacy Rights , Corporate Counsel , Cybersecurity , Data Collection , Data Privacy , Enforcement , Enforcement Actions , Personal Information , Privacy Laws , Regulatory Requirements , State Attorneys General , State Privacy Laws

California Attorney General Warns That FCPA Violations Are Still Actionable Under State Law

Key Points -- - The FCPA remains valid and enforceable U.S. law, and violations of the law may serve as a predicate offense under state and local laws. - Companies should be prepared for continued enforcement of...more

4/9/2025  /  Anti-Corruption , California , Corporate Governance , Enforcement Actions , Executive Orders , Foreign Corrupt Practices Act (FCPA) , Government Agencies , Regulatory Requirements , State Attorneys General , Trump Administration

Veto of Virginia AI Bill Raises Questions About the Future of State-Level Regulation

On March 24, 2025, Virginia Gov. Glenn Youngkin vetoed the High-Risk Artificial Intelligence Developer and Deployer Act (House Bill 2094). The bill, which had passed through the Virginia Legislature in February 2025, would...more

3/25/2025  /  Algorithms , Artificial Intelligence , Corporate Counsel , Employment Discrimination , New Legislation , Regulatory Agenda , Regulatory Requirements , Risk Management , State Legislatures , Technology Sector , Trump Administration

FTC Finalizes Long-Awaited Child Online Privacy Rule Amendments

On January 16, 2025, the Federal Trade Commission (FTC) finalized amendments to the Children’s Online Privacy Protection Act (COPPA) Rule (Final Rule) relating to the collection, use and disclosure of personal information...more

1/30/2025  /  Consent , Consumer Privacy Rights , COPPA , Data Privacy , Data Retention , Data Security , Disclosure Requirements , Federal Trade Commission (FTC) , Final Rules , Online Safety for Children , Personal Information , Privacy Laws , Regulatory Requirements

The Informed Board - November 2024

At what point has a director served too long? What about term limits? A mandatory retirement age? When do a director’s skills become stale? These issues are addressed in this issue of The Informed Board, as well as why proxy...more

11/25/2024  /  Acquisitions , Artificial Intelligence , Board of Directors , Corporate Governance , Cyber Attacks , Cybersecurity , Cybersecurity Framework , Data Privacy , Data Protection , Investment , Investors , Machine Learning , Mergers , National Security , Proxy Season , Publicly-Traded Companies , Regulatory Agenda , Regulatory Requirements , Risk Management , Securities and Exchange Commission (SEC) , Shareholder Activism , Technology Sector

What Companies Can Do To Protect Against Cyberattacks … and the Litigation That Often Follows

Cyber threats continue to grow as a result of increased digitization, widespread use of cloud computing, advanced connectivity and artificial intelligence (AI), requiring boards of directors across all sectors to focus more...more

11/22/2024  /  Artificial Intelligence , Board of Directors , Corporate Governance , Crisis Management , Cyber Attacks , Cybersecurity , Cybersecurity Framework , Data Privacy , Machine Learning , Privacy Laws , Publicly-Traded Companies , Regulatory Oversight , Regulatory Requirements , Risk Management , Securities and Exchange Commission (SEC) , Securities Litigation , Third-Party

Recent SEC Cyber-Related Enforcement Actions Emphasize the Importance of Robust Disclosure Controls

On October 22, 2024, the Securities and Exchange Commission (SEC) announced enforcement actions against several technology companies for making materially misleading disclosures regarding cybersecurity risks and intrusions....more

11/11/2024  /  Cyber Attacks , Cybersecurity , Disclosure Requirements , Enforcement Actions , Publicly-Traded Companies , Regulatory Requirements , Securities and Exchange Commission (SEC) , Securities Regulation , Securities Violations , SolarWinds , Technology Sector

Insights - September 2024

In this edition of Insights, we take a closer look at the megadeals and sponsor transactions driving recent M&A activity, the importance of staying ahead of the risks in AI development and deployment, and other diverse...more

9/30/2024  /  Acquisitions , Administrative Procedure Act , Artificial Intelligence , Chevron Deference , Corner Post Inc v Board of Governors of the Federal Reserve System , Corporate Governance , Delaware General Corporation Law , Federal Bans , Federal Trade Commission (FTC) , Final Rules , Government Agencies , Judicial Authority , Loper Bright Enterprises v Raimondo , Machine Learning , Mergers , Non-Compete Agreements , Privacy Laws , Regulatory Agenda , Regulatory Authority , Regulatory Requirements , SCOTUS , SEC v Jarkesy , Securities and Exchange Commission (SEC) , Shareholder Litigation , Shareholders , Technology Sector

Developing and Using AI Require Close Monitoring of Risks and Regulations

As AI systems become more complex, companies are increasingly exposed to reputational, financial and legal risks from developing and deploying AI systems that do not function as intended or that yield problematic outcomes....more

9/30/2024  /  Artificial Intelligence , Corporate Governance , Cybersecurity , Data Privacy , NIST , Popular , Privacy Laws , Regulatory Agenda , Regulatory Requirements , Risk Management , Technology Sector , U.S. Commerce Department

How and When SEC Recordkeeping Rules May Apply to AI-Generated Content

AI has revolutionized the way many businesses operate. Firms in the financial sector are eager to take advantage of rapidly developing technologies but do not want to risk running afoul of relevant Securities and Exchange...more

9/16/2024  /  Artificial Intelligence , Broker-Dealer , Consumer Financial Products , Disclosure Requirements , Financial Services Industry , Investment Adviser , Machine Learning , Regulatory Agenda , Regulatory Reform , Regulatory Requirements , Reporting Requirements , Securities and Exchange Commission (SEC) , Technology Sector

The Informed Board - Summer 2024

Across industries, companies are facing new and uncertain regulatory pressures and demands in areas including artificial intelligence, sustainability, algorithmic pricing and fintech-bank relations. In this issue of The...more

9/10/2024  /  Algorithms , Antitrust Division , Artificial Intelligence , Banking Sector , Board of Directors , Competition , Corporate Governance , Department of Justice (DOJ) , Disclosure Requirements , Enforcement Actions , EU , Financial Institutions , FinTech , Multinationals , Price-Fixing , Regulatory Agenda , Regulatory Requirements , Reporting Requirements , Risk Management , Sustainability , Technology Sector , UK

AI Safety: The Role of the Board in Assessing and Managing AI Risk

As AI systems become more complex, companies are increasingly exposed to reputational, financial and legal risk from developing and deploying AI systems that do not function as intended or that yield problematic outcomes. The...more

9/4/2024  /  Artificial Intelligence , Corporate Governance , Cybersecurity , Data Privacy , EU , Machine Learning , Privacy Laws , Regulatory Agenda , Regulatory Requirements , Risk Assessment , Risk Management , Technology Sector , UK

How Defense Contractors Can Prepare Now for CMMC Implementation

The Department of Defense (DoD) is currently reviewing and adjudicating the public comments received in response to its proposed regulations implementing its Cybersecurity Maturity Model Certification 2.0 program (CMMC)....more

8/13/2024  /  Aerospace , Cybersecurity , Cybersecurity Maturity Model Certification (CMMC) , Defense Contracts , Department of Defense (DOD) , False Claims Act (FCA) , Federal Contractors , National Security , NIST , Proposed Rules , Regulatory Agenda , Regulatory Requirements

Colorado’s Landmark AI Act: What Companies Need To Know

Colorado has become the first state to enact a comprehensive law relating to the development and deployment of certain artificial intelligence (AI) systems. The Colorado Artificial Intelligence Act (CAIA), which will go into...more

6/24/2024  /  Artificial Intelligence , Colorado , Consumer Financial Products , Consumer Protection Laws , Cybersecurity , Data Privacy , Disclosure Requirements , FinTech , Machine Learning , New Legislation , Regulatory Reform , Regulatory Requirements , Risk Management

CPPA’s First Enforcement Advisory Focuses on Applying Data Minimization Principles to Consumer Requests

On April 2, 2024, the Enforcement Division of the California Privacy Protection Agency (CPPA) issued Enforcement Advisory No. 2024-01. This first-ever enforcement advisory focuses on promoting compliance with California...more

4/19/2024  /  Artificial Intelligence , California Consumer Privacy Act (CCPA) , California Privacy Protection Agency (CPPA) , Consumer Litigation , Cybersecurity , Data Collection , Data Privacy , Enforcement , Financial Institutions , FinTech , Intellectual Property Protection , Opt-Outs , Regulatory Requirements , Technology

AI Insights: Biden Administration Passes Sweeping Executive Order on Artificial Intelligence

On October 30, the U.S. government released its long-awaited, sweeping executive order (the AI EO or Order) on artificial intelligence (AI). The Order directs various U.S. government departments and agencies to evaluate AI...more

11/6/2023  /  Artificial Intelligence , Biden Administration , Compliance , Copyright , Corporate Governance , Cybersecurity , Data Privacy , Data Security , Executive Orders , Healthcare , Innovative Technology , Intellectual Property Protection , Legislative Agendas , Life Sciences , Machine Learning , National Security , Popular , Regulatory Agenda , Regulatory Reform , Regulatory Requirements , Technology Sector

Privacy & Cybersecurity Update - July 2023

In this month’s Privacy & Cybersecurity Update, we examine the newly established data privacy framework between the EU and U.S. and new consumer privacy laws in Oregon and Texas. We also review a court ruling that delayed...more

8/2/2023  /  Biometric Information Privacy Act , California , California Privacy Rights Act (CPRA) , Cyber Incident Reporting , Cybersecurity , Cybersecurity Framework , Data Privacy , Data Transfers , Disclosure , EU , European Commission , European Economic Area (EEA) , General Data Protection Regulation (GDPR) , NYDFS , Oregon , Popular , Privacy Laws , Proposed Amendments , Regulatory Requirements , Risk Management , Texas
27 Results
 / 
View per page
Page: of 2
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide