Under the Radar: DOJ's Data Security Rules and Their Impact on Payments Companies — Payments Pros – The Payments Law Podcast
Podcast - Regulating AI in Healthcare: The Road Ahead
No Password Required: Former Lead Attorney at U.S. Cyber Command, Cyber Law Strategist, and Appreciator of ‘Mad Men’ Hats
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Compliance Tip of the Day: Rethinking Corporate AI Governance Through Design Intelligence
FCPA Compliance Report: Ethical Challenges in AI, Data Protection, and Sports with Andre Paris
We get Privacy for work: The Privacy Pitfalls of a Remote Workforce
No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
Everything Compliance: Episode 156, To Document or Not Edition
AI on the Job: How to Stay Ahead of Employment and Data Privacy Risks
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
A Less is More Strategy for Data Risk Mitigation
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
Approach to Responsible AI
Why Privacy Matters to Your Business and What's in Store for 2025
No Password Required Podcast: Senior Security Researcher at Nokia and Guardian of Secure AI Networks
Getting Bang for Your Buck: Spend Your 2025 Privacy Budget Wisely
The Data (Use and Access) Act 2025 (Commencement No. 1) Regulations 2025 (SI 2025/904) have been made and published. The Regulations bring certain key provisions of the Data (Use and Access) Act 2025 (DUAA) into force from 20...more
The DUAA introduces several reforms to UK data protection law, but their implications are relatively limited in practice. The Data (Use and Access) Act 2025 (the DUAA) was enacted on 19 June 2025 and amends rather than...more
The UK Information Commissioner’s Office’s (the ICO’s) latest Annual Report summarises its accomplishments and priorities, including last year’s enforcement actions. Based on our review of the report, we see the ICO focusing,...more
The Data (Use and Access) Bill passed both Houses of UK Parliament and received Royal Assent on 19 June 2025, now becoming the Data (Use and Access) Act 2025 (“DUA Act”). This is the final iteration of the Data Protection and...more
The guidelines specify the requirements for data controllers to conduct risk assessments related to the transfer or disclosure of personal data outside the Kingdom. ...more
In a December, the Information Commissioner’s Office (ICO) responded to Google’s decision to lift a prohibition on device fingerprinting (which involves collecting and combining information about a device’s software and...more
On December 12 2024 the ICO published an outcomes report on its 2024 generative AI consultation series (the Report). The Report addresses five key areas regarding generative AI and its relation to data protection: -...more
On March 23 2018, the Information Commissioner’s Office (ICO) executed a warrant to enter and search the offices of Cambridge Analytica. The purpose of the search was to access records concerning its alleged use of personal...more
On October 23, the UK Government’s House of Lords had its first reading of a new proposed data protection bill, the Data (Use and Access) Bill (“DUA Bill”), as sponsored by the Department of Science, Innovation, and...more
This is the final note in a three-part series on the regulation of artificial intelligence in the financial services sector in the United States, the European Union and the United Kingdom. Our first note, we provided a...more
Latham & Watkins and Privacy Laws & Business recently co-hosted a webinar looking back on the first eight months since the UK-US Data Bridge entered into force. Speakers from the UK Information Commissioner’s Office (ICO) and...more
To help organizations stay on top of the main developments in European digital compliance, Morrison Foerster’s European Digital Regulatory Compliance team reports on some of the main topical digital regulatory and compliance...more
This blog notes some of the key features of the Addendum. At its core, the Addendum can be used in relation to both controller BCRs and processor BCRs. Organisations then have a choice as to whether they use the Addendum in...more
A challenging economic situation is prompting contentious staffing decisions. The rise of hybrid work has led employers to generate more information in more places about employees. Against this backdrop, more employees are...more
Within the past year, a number of countries around the world, including the United States, United Kingdom, France, and The Netherlands have initiated regulatory inquiries and developed new strategies for the purpose of more...more
On 17 November 2022, the Information Commissioner's Office (“ICO”) announced that it has updated its guidance on international data transfers. In its announcement, the ICO outlined its intention to “clarify an alternative...more
While countries all over the globe continue to make data privacy strides, comparing similarities and differences between the EU and U.K. is important in light of Brexit. It is also crucial to know the differences as they...more
What can the California Privacy Protection Agency learn from the EU experience as it gets ready to draft regulations regarding DPIAs? Here is a recap of my remarks from the CPRA Regulations Stakeholder Session:...more
Research and development, innovation, product and service improvement, AI design and deployment...these are key commercial drivers for the successful modern business. They also underpin technological, medicinal, and other...more
The Information Commissioner’s Office (ICO) recently released its response to the UK government consultation, ‘Data: A new direction’. The consultation was conducted by the Department for Digital, Culture, Media and Sport...more
Hogan Lovells’ Privacy and Cybersecurity team have made a formal submission to the Information Commissioner’s Office consultation on how organisations can continue to protect people’s personal data when it is transferred...more
Here are a few takeaways from what I said this week at the InfoGov World Expo virtual auditorium. •Is it still “early days for GDPR?” Not if you ask Germany, France’s Commission Nationale de l’Informatique et des Libertés...more
The United Kingdom Information Commissioner’s Office (ICO) recently launched a consultation regarding the transfer of personal data outside of the U.K. The ICO is seeking comment on its draft international data transfer...more
The dust has settled on the new EU standard contractual clauses for cross-border data transfers (“New SCCs”), but confusion still reins on how the New SCCs cover data transfers and what companies need to do to take advantage...more
Amazon’s financial records have revealed that the Luxembourg data protection supervisory authority, the Commission Nationale pour la Protection des Données (“CNPD”), is fining the retailer’s European arm (Amazon Europe Core...more