Under the Radar: DOJ's Data Security Rules and Their Impact on Payments Companies — Payments Pros – The Payments Law Podcast
Podcast - Regulating AI in Healthcare: The Road Ahead
No Password Required: Former Lead Attorney at U.S. Cyber Command, Cyber Law Strategist, and Appreciator of ‘Mad Men’ Hats
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Compliance Tip of the Day: Rethinking Corporate AI Governance Through Design Intelligence
FCPA Compliance Report: Ethical Challenges in AI, Data Protection, and Sports with Andre Paris
We get Privacy for work: The Privacy Pitfalls of a Remote Workforce
No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
Everything Compliance: Episode 156, To Document or Not Edition
AI on the Job: How to Stay Ahead of Employment and Data Privacy Risks
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
A Less is More Strategy for Data Risk Mitigation
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
Approach to Responsible AI
Why Privacy Matters to Your Business and What's in Store for 2025
No Password Required Podcast: Senior Security Researcher at Nokia and Guardian of Secure AI Networks
Getting Bang for Your Buck: Spend Your 2025 Privacy Budget Wisely
EU Launches UK Adequacy Decision Renewal Process - On 22 July 2025, the European Commission announced that it had launched the process to renew the adequacy decision for the United Kingdom (UK) and confirmed that the UK’s...more
The European Commission has published the final version of a general-purpose AI (“GPAI”) Code of Practice. We took a deeper look into it and prepared a short summary to help you understand what the GPAI Code of Practice is,...more
The UK’s Data (Use and Access) Act received Royal Assent last Thursday, June 19th, bringing into law some significant changes to the country’s post Brexit data protection framework, among an array of other, related rules (on...more
On May 14, 2025, the European Data Protection Board ("EDPB") issued a favorable opinion on granting a six-month extension to the existing adequacy decisions for the UK, following a formal proposal from the European...more
On May 21 2025, the European Commission adopted a Single Market Simplification proposal, containing a new package of measures for the simplification of the EU single market with the aim of reducing bureaucracy and regulatory...more
This regular alert covers key policy and regulatory developments related to EU geopolitical risks, including in particular, economic security, Russia’s war against Ukraine, health threats, and cyber threats. It does not...more
The European Commission’s proposed amendments to the General Data Protection Regulation (GDPR) mark the first substantive reworking of the regulation since its enactment, signaling a material shift toward economic pragmatism....more
The European Commission has published its proposal for a new regulation simplifying the EU General Data Protection Regulation (“GDPR”) requirements for small mid-cap enterprises (“the Proposal“). The Proposal forms part of...more
EURid, the Registry responsible for running the .EU Top Level Domain (TLD), recently posted a publication to celebrate its 19th anniversary and highlight its achievements. EURid was incorporated under Belgian law in April...more
On April 22, 2025, the AI Office within the EU Commission launched a multi-stakeholder consultation to assist in the preparation of guidelines aiming at clarifying the scope of the rules for providers of GPAI models in the AI...more
While the authorities’ publications on AI have recently tended to be in the area of data protection (such as the EDPB, which we covered here and here), the European Commission has recently published its first set of [draft]...more
On March 24 2025, the European Commission (EC) adopted the final draft Delegated Regulation setting out Regulatory Technical Standards (RTS) for subcontracting ICT services supporting critical or important functions under the...more
On March 18, 2025, the European Commission proposed to extend its adequacy decision in favor of the United Kingdom (‘UK’) for an additional six-month period. This would allow free flows of personal data from the EU to the UK...more
The European Commission (EC) has released an updated version of the Model Contractual Clauses for AI Procurement (MCC-AI), providing further guidance for public-sector buyers navigating AI procurement under the European Union...more
The first EU & UK AI Round-up, published on 15 January 2025, discussed the important regulatory updates affecting the AI ecosystem in both the EU and the UK that occurred towards the end of 2024. Notably since that update,...more
On February 3 2025, the European Commission published an updated version of the Frequently Asked Questions (FAQs) about the Regulation (EU) 2023/2854 on harmonised rules on fair access to and use of data (Data Act). Key...more
On February 11 2025, the European Commission (the EU Commission) released its 2025 work programme in which it published its AI and privacy initiatives for 2025 (the Work Programme) in order to boost competitiveness, enhance...more
On 11 February 2024, the European Data Protection Board (EDPB) adopted a new statement on age assurance. This statement, while not legally binding, will guide the enforcement of age-gating methods across the EU. Age assurance...more
The European Commission has substantially expanded its use of the Consumer Protection Cooperation (‘CPC’) Regulation to secure compliance by market places and other online services with EU consumer protection law. This...more
The European Commission recently issued a formula for identifying Artificial Intelligence Systems: Machine-based system- Designed to operate with varying levels of autonomy- •Some degree of independence of actions from...more
The European Supervisory Authorities have published the terms of reference for the EU systemic cyber incident co-ordination framework Forum established under the EU Digital Operational Resilience Act. The Forum will be...more
A critical look, under the lens of AI, at the main proposals of the European Commission's Competitiveness Compass, both against its goals and the broader EU legal framework. The Competitiveness Compass unveils a nuanced...more
The European Union Artificial Intelligence Act (AI Act) entered into force on 1 August 2024. The AI Act establishes a risk-based approach to AI, prohibiting certain practices that are deemed unacceptable, such as social...more
The European Union’s AI Act is now in effect. Officially entering into force on August 1, 2024, the regulation has begun reshaping the artificial intelligence landscape across Europe. While some of its key prohibitions will...more
The first compliance deadline set out in the European Union (EU)’s Regulation (EU) 2024/1689, or the EU AI Act, took effect on February 2, 2025. ...more