News & Analysis as of

General Data Protection Regulation (GDPR) Regulatory Requirements Data Privacy

Follow this channel for updates and analysis on all aspects of the European Union's General Data Protection Regulation, a reform of EU's data protection rules that impacts... more +
Follow this channel for updates and analysis on all aspects of the European Union's General Data Protection Regulation, a reform of EU's data protection rules that impacts individuals throughout the Union and all businesses operating therein. less -
WilmerHale

AI and GDPR: A Road Map to Compliance by Design - Episode 5: Using AI

WilmerHale on

The rise of artificial intelligence (AI) and its widespread availability offers significant growth opportunities for businesses. However, it necessitates a robust governance framework to ensure compliance with regulatory...more

WilmerHale

AI and GDPR: A Road Map to Compliance by Design - Episode 3: The Design Phase

WilmerHale on

The rise of artificial intelligence (AI) and its widespread availability offers significant growth opportunities for businesses. However, it necessitates a robust governance framework to ensure compliance with regulatory...more

Katten Muchin Rosenman LLP

EU Initiates Renewal of UK Adequacy Decision Following the UK's Adoption of the Data (Use and Access) Act 2025

Katten Muchin Rosenman LLP on

EU Launches UK Adequacy Decision Renewal Process - On 22 July 2025, the European Commission announced that it had launched the process to renew the adequacy decision for the United Kingdom (UK) and confirmed that the UK’s...more

WilmerHale

AI and GDPR: A Road Map to Compliance by Design - Episode 2: The Design Phase

WilmerHale on

The rise of artificial intelligence (AI) and its widespread availability offers significant growth opportunities for businesses. However, it necessitates a robust governance framework to ensure compliance with regulatory...more

Hogan Lovells

Cambodia moves to enact comprehensive data privacy law

Hogan Lovells on

On July 23, 2025, Cambodia released a draft of its first ever comprehensive personal data protection law, the Law on Personal Data Protection (“LPDP”). Once passed, Cambodia will join the ranks of seven other countries...more

WilmerHale

AI and GDPR: A Road Map to Compliance by Design - Episode 1: The Planning Phase

WilmerHale on

The rise of artificial intelligence (AI) and its widespread availability offers significant growth opportunities for businesses. However, it necessitates a robust governance framework to ensure compliance with regulatory...more

Latham & Watkins LLP

UK Adequacy Holds Firm Under New Data (Use and Access) Act 2025

Latham & Watkins LLP on

The DUAA introduces several reforms to UK data protection law, but their implications are relatively limited in practice. The Data (Use and Access) Act 2025 (the DUAA) was enacted on 19 June 2025 and amends rather than...more

King & Spalding

EU & UK AI Round-up – July 2025

King & Spalding on

Over the last few months, organisations have accelerated efforts to engage with the requirements of the EU AI Act as we fast approach the date for when rules relating to general purpose AI models (“GPAI models”) come into...more

Goodwin

Goodwin Antitrust & Regulatory Shorts: Three Laws, One challenge; Complying With the DSA, AI Act, and GDPR

Goodwin on

The Digital Services Act (DSA) and the Artificial Intelligence Act (AI Act) are key components of the EU’s constantly evolving, digital regulatory landscape. Once forming policy proposals, both regulations have now evolved...more

McDermott Will & Schulte

AI meets real estate – Balancing innovation and compliance in the EU, UK, and US

McDermott Will & Schulte on

Artificial Intelligence (AI) is taking the global commercial real estate market by storm. It is accelerating processes, driving down costs, and enhancing efficiency across a range of functions. In the EU, AI optimizes...more

Skadden, Arps, Slate, Meagher & Flom LLP

Something Is Better Than Nothing: UK and EU GDPR Reform Finally Arrives

Skadden, Arps, Slate, Meagher & Flom LLP on

In recent weeks, the EU and UK have both introduced changes to their respective versions of Europe’s landmark privacy legislation, the General Data Protection Regulation (GDPR). These reforms mark the first substantial...more

Womble Bond Dickinson

The ICO’s Penalty Against 23andMe Brings New Emphasis on Cybersecurity Risks - Key Takeaways for U.S. Companies

Womble Bond Dickinson on

The dramatic increase in global reach that the internet provides U.S.-based companies comes as a double edge sword. While it significantly increases a company’s potential customer pool, it also subjects companies to...more

Dacheng

Cross-Border Data Processing under the "Offshore Model": China's Regulatory Approach in Comparative Context

Dacheng on

As the digital economy continues to thrive and remote work becomes increasingly mainstream, an “offshore model” of business operation has emerged. Under this model, companies may provide services to users in a given...more

Alston & Bird

UK Data Protection Regulator Fines 23andMe ~$3.1 Million Following Credential Stuffing Attack

Alston & Bird on

On June 5, 2025, the UK’s Information Commissioner’s Office (ICO) fined 23andMe £2.31 million (~$3.1 million). The fine was for failing to implement adequate security measures to protect the personal data of over 155,000 UK...more

McDermott Will & Schulte

What ICO guidance on anonymisation means for health and life sciences companies

McDermott Will & Schulte on

What new guidance on anonymisation from the UK Information Commissioner’s Office (ICO) means for healthcare and life sciences companies....more

DLA Piper

Spain: Spanish Data Protection Authority Publishes Annual Report

DLA Piper on

The Spanish Data Protection Authority (“AEPD“) has published its 2024 annual report, which includes the AEPD’s awareness-raising activities; the collaboration and inspection activities of the Spanish authorities; relevant...more

Hogan Lovells

Development of an AI system: CNIL issues guidelines regarding collection of data via web scraping

Hogan Lovells on

On 19 June 2025, CNIL published two additional “how-to-sheets” on artificial intelligence, one on the legitimate interest and the other on the collection of data via web scraping. These documents aim to clarify the rules...more

Skadden, Arps, Slate, Meagher & Flom LLP

CNIL Clarifies GDPR Basis for AI Training – But It’s Just One Part of the Compliance Picture

Skadden, Arps, Slate, Meagher & Flom LLP on

Key Points - - The French CNIL’s recent guidance regarding the application of legitimate interest as a legal basis in AI training is welcome, but several other AI regulatory issues remain unresolved. - Issues such as...more

Skadden, Arps, Slate, Meagher & Flom LLP

EU Data Act: Three Months To Go Before New Rules on Data Access and Sharing Take Effect

Skadden, Arps, Slate, Meagher & Flom LLP on

Executive Summary - The EU Data Act, whose requirements apply from 12 September 2025, establishes new rights for businesses and consumers to access data they generated using “connected devices,” limiting the exclusive...more

Clark Hill PLC

Right To Know - June 2025, Vol. 30

Clark Hill PLC on

Cyber, Privacy, and Technology Report - Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed. State Action: North Dakota Passes Law...more

Mayer Brown

US SEC Gives Green Light to Swiss-Based Investment Adviser Registration Applications

Mayer Brown on

On June 10, 2025, the US Securities and Exchange Commission (SEC) announced that it will immediately resume processing new and pending registration applications of investment advisers with their principal office and place of...more

DLA Piper

EU: Brussels Court of Appeal Rules on IAB Europe and the TC String – Implications for GDPR Compliance

DLA Piper on

On 14 May 2025, the Brussels Court of Appeal (Market Court) delivered the long-awaited judgement in the case concerning the Transparency & Consent Framework (“TCF”) (case no. 2022/AR/292). The Court largely upheld the...more

King & Spalding

New Security Measures for Large Databases: When a DPA’s Directives Set Standards

King & Spalding on

In response to a record year of personal data breaches in 2024, affecting millions of individuals, the French data protection authority (CNIL) has published a set of security directives for operators of large databases. While...more

DLA Piper

Italy: The Garante Issues First GDPR Fine Over Employees Email Metadata Privacy Breach

DLA Piper on

The Italian Data Protection Authority (the Garante) has issued its first GDPR fine for, among other breaches, unlawful retention of metadata from employees’ emails and web browsing activities. The decision applies, for the...more

Constangy, Brooks, Smith & Prophete, LLP

Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape

Constangy, Brooks, Smith & Prophete, LLP on

In recognition of the GDPR's 7th anniversary on May 25, 2025, Constangy Cyber Team member Matthew Basilotto explores how the European Union’s General Data Protection Regulation (GDPR) continues to adapt in the face of...more

100 Results
 / 
View per page
Page: of 4
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide