Podcast - Regulating AI in Healthcare: The Road Ahead
No Password Required: Former Lead Attorney at U.S. Cyber Command, Cyber Law Strategist, and Appreciator of ‘Mad Men’ Hats
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Compliance Tip of the Day: Rethinking Corporate AI Governance Through Design Intelligence
FCPA Compliance Report: Ethical Challenges in AI, Data Protection, and Sports with Andre Paris
We get Privacy for work: The Privacy Pitfalls of a Remote Workforce
No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
Everything Compliance: Episode 156, To Document or Not Edition
AI on the Job: How to Stay Ahead of Employment and Data Privacy Risks
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
A Less is More Strategy for Data Risk Mitigation
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
Approach to Responsible AI
Why Privacy Matters to Your Business and What's in Store for 2025
No Password Required Podcast: Senior Security Researcher at Nokia and Guardian of Secure AI Networks
Getting Bang for Your Buck: Spend Your 2025 Privacy Budget Wisely
Constangy Clips Ep. 7- 4 New Year’s Resolutions to Keep Your Cyber Data Safe and Secure in 2025
Drug and device manufacturers are increasingly targeted by cyber threats that can compromise patient safety, intellectual property, and other critical data and systems, while also facing new regulatory demands. As regulators...more
L’attribution de la responsabilité dans les contrats relatifs aux technologies en cas d’atteintes à la protection des données est une préoccupation croissante pour les entreprises canadiennes. Récemment, Blakes a publié la...more
California has approved new regulations requiring some companies to conduct annual audits of their cybersecurity programs, including the policies, procedures, and practices for protecting personal information. On July 24,...more
INTRODUCTION - Almost eight years after the Cybersecurity Law (“CSL”) came into force in the PRC in 2017, the Cyberspace Administration of China (“CAC”) issued draft amendments to the CSL (“2025 Draft Amendments”) on 28...more
The European Central Bank (ECB) has published its Guide on outsourcing cloud services to cloud service providers (the "Guide") clarifying how banks are expected to comply with obligations under the EU Digital Operational...more
In an era when data is everything, everywhere, all at once and computation has almost no limit, ensuring privacy while leveraging data analytics is paramount. The US Department of Commerce’s National Institute of Standards...more
The UK Information Commissioner’s Office’s (the ICO’s) latest Annual Report summarises its accomplishments and priorities, including last year’s enforcement actions. Based on our review of the report, we see the ICO focusing,...more
While appointing and registering a DPO has been mandatory in China for many years, a portal has now finally been established for organisations to register those DPOs with the China data protection authority. This resolves...more
Don’t miss this complimentary webinar spotlighting the five most pressing regulatory developments reshaping compliance in Canada’s financial sector. From board-level liability, to shifting enforcement priorities, get up to...more
With the rapid development of informatization, how to better safeguard national security in an increasingly complex information environment has become a critical consideration in digital legislation. A key issue within this...more
Introduction: Understanding Cloud Data in the Modern Digital Landscape - In today’s hyper-connected digital world, we interact with vast amounts of data, much of which isn’t stored locally on our devices but instead...more
The European Commission has published the final version of a general-purpose AI (“GPAI”) Code of Practice. We took a deeper look into it and prepared a short summary to help you understand what the GPAI Code of Practice is,...more
With the seemingly never-ending updates to B2B contracts for compliance with new (and amended) comprehensive state privacy laws, the U.S. Department of Justice’s bulk data transfer rule, and artificial intelligence (AI)...more
On July 10, 2025, the EU published its Code of Practice for General-Purpose AI Models, a comprehensive, though not exhaustive, framework designed to guide Artificial Intelligence ("AI") providers in complying with the...more
Voici l’édition de l’été 2025 de l’infolettre Gouvernail des données de Blakes, une publication du groupe Protection de la vie privée et des données de Blakes. Cette infolettre a pour but d’effectuer un survol des...more
The Health Insurance Portability and Accountability Act of 1996, as amended by the Health Information Technology for Economic and Clinical Health Act, and the regulations promulgated thereunder (collectively “HIPAA”) is a...more
On June 5, 2025, the UK’s Information Commissioner’s Office (ICO) fined 23andMe £2.31 million (~$3.1 million). The fine was for failing to implement adequate security measures to protect the personal data of over 155,000 UK...more
Welcome to the Summer 2025 issue of Blakes Data Governor, published by the Blakes Privacy & Data Protection group. Blakes Data Governor provides actionable insights and practical overviews of recent developments impacting...more
This monthly report outlines key developments in China’s data protection sector for June. TC260 Two Cybersecurity Practice Guidelines on Personal Information Protection Compliance Audits: On May 19, 2025, TC260 issued two...more
Cyber, Privacy, and Technology Report - Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed. State Action: North Dakota Passes Law...more
In response to a record year of personal data breaches in 2024, affecting millions of individuals, the French data protection authority (CNIL) has published a set of security directives for operators of large databases. While...more
On 17 March 2025, the Australian Government published Model Clauses to help government purchasers manage vendor relationships when procuring AI technology based systems and services. The Model Clauses cover issues relevant to...more
This regular alert covers key policy and regulatory developments related to EU geopolitical risks, including in particular, economic security, Russia’s war against Ukraine, health threats, and cyber threats. It does not...more
This monthly report outlines key developments in China’s data protection sector for May. The following events merit special attention...more
The rapid development of data protection laws across the Asia-Pacific region indicates significant movement toward certain standards, albeit with notable local policy variations across multiple areas. Our Asia-Pacific Data,...more