We get Privacy for work — Episode 7: What Is a WISP and Why Your Organization Must Have One
Under the Radar: DOJ's Data Security Rules and Their Impact on Payments Companies — Payments Pros – The Payments Law Podcast
Podcast - Regulating AI in Healthcare: The Road Ahead
No Password Required: Former Lead Attorney at U.S. Cyber Command, Cyber Law Strategist, and Appreciator of ‘Mad Men’ Hats
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Compliance Tip of the Day: Rethinking Corporate AI Governance Through Design Intelligence
FCPA Compliance Report: Ethical Challenges in AI, Data Protection, and Sports with Andre Paris
We get Privacy for work: The Privacy Pitfalls of a Remote Workforce
No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
Everything Compliance: Episode 156, To Document or Not Edition
AI on the Job: How to Stay Ahead of Employment and Data Privacy Risks
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
A Less is More Strategy for Data Risk Mitigation
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
Approach to Responsible AI
Why Privacy Matters to Your Business and What's in Store for 2025
No Password Required Podcast: Senior Security Researcher at Nokia and Guardian of Secure AI Networks
Over the last few months, organisations have accelerated efforts to engage with the requirements of the EU AI Act as we fast approach the date for when rules relating to general purpose AI models (“GPAI models”) come into...more
On June 16, 2025, the Council of the EU (Council) and the European Parliament (EP) reached an agreement on a new regulation (the Draft Regulation) to enhance enforcement of the General Data Protection Regulation (GDPR). The...more
On May 14, 2025, the European Data Protection Board ("EDPB") issued a favorable opinion on granting a six-month extension to the existing adequacy decisions for the UK, following a formal proposal from the European...more
On May 21 2025, the European Commission adopted a Single Market Simplification proposal, containing a new package of measures for the simplification of the EU single market with the aim of reducing bureaucracy and regulatory...more
The European Commission’s proposed amendments to the General Data Protection Regulation (GDPR) mark the first substantive reworking of the regulation since its enactment, signaling a material shift toward economic pragmatism....more
The European Commission has published its proposal for a new regulation simplifying the EU General Data Protection Regulation (“GDPR”) requirements for small mid-cap enterprises (“the Proposal“). The Proposal forms part of...more
Data privacy laws have been progressing globally, but federal legislation in the U.S. has been lacking - Businesses are facing a growing number of data privacy regulations. This is especially apparent among those in highly...more
On 8 March 2023, the newly-created Department for Science, Innovation and Technology (“DSIT”) introduced the UK government’s updated proposals for data protection reform in the shape of the Data Protection and Digital...more
The updated reform legislation provides welcome guidance and clarifications on aspects such as legitimate interests and accountability, without substantially shifting the approach proposed under the existing reform bill. ...more
While the reform is a long way away from a certainty, it represents a departure of the UK from the EU’s strict adherence and adoption of the General Data Protection Regulation which came into effect in 2018. Earlier this...more
Areas of interest include anonymisation, “recognised legitimate interests”, and the ICO’s role. The UK Data Protection and Digital Information Bill (the Bill) sets out the government’s proposals for reforming the current...more
The bill would largely build on the UK data protection regime’s EU GDPR-style framework, albeit with UK-specific provisions. The UK government introduced the Data Protection and Digital Information Bill (the Bill) to...more
The UK government has recently published proposals to amend UK data protection legislation with moves towards divergence from EU rules and regulation following the UK’s decision to leave the EU (“Brexit”). The Data Protection...more
The latest proposed Federal Privacy Law, titled the American Data Privacy and Protection Act (“ADPPA”), continues to gain momentum and in late July 2022, the House Committee on Energy and Commerce voted to advance the bill to...more
American Data Privacy and Protection Act would require organizations to limit collection of personal information, grant consumers access to their own data, enhance data protections for children, mandate implementation of...more
The proposed law - which is broadly applicable to most entities doing business in the United States - is the first real indication of bipartisan movement on data protection at the federal-level. The House Committee on...more
On 10 May 2022 and as part of the Queen’s speech, which sets out the programme of legislation for the forthcoming parliamentary session, the government announced proposals to table a Data Reform Bill (the Bill) to reform the...more
Forty years after the enactment of the Israeli Privacy Protection Law, a new draft bill seeks to adapt the Privacy Protection Law to the digital age. One of the main purposes of the draft bill is to preserve the right to...more
A new trend in privacy and cybersecurity laws is the introduction of safe harbor clauses for aligning data protection controls to recognized data privacy and cybersecurity frameworks. OHIO HB376: In July 2021, Ohio...more
Welcome to the latest edition of Updata - the international update from Eversheds Sutherland’s dedicated Privacy and Cybersecurity team. Updata provides you with a compilation of privacy and cybersecurity regulatory and...more
A cynical online commenter once wrote this about the data collection practices of the online news site Digg: “If you are not paying for it, you’re not the customer; you’re the product being sold.” This is true of almost...more
Global data privacy legislation has steadily advanced over the past several years, with one of the most comprehensive and well-known laws being the General Data Protection Regulation (GDPR), governing personal data...more
The legislation updates the Children’s Online Privacy Protection Act (COPPA) by prohibiting internet companies from collecting personal information from anyone 13- to 15-years old without the user’s consent Senators...more
Expect More Criminal Enforcement & What You Can Do To Minimize Your Risk - Antitrust cartel and related collusive scheme enforcement is poised to increase. Several factors support this: (1) the Antitrust Division (the...more
Shook Weighs in on Updated CCPA Regulations - In response to extensive public comment, the California Attorney General’s office released modified draft regulations under the CCPA on February 7. Shook has provided initial...more