Latest Publications

Share:

The EU AI Act: Who and What Is Covered?

This update is part of our EU AI Act Series. Learn more about the EU AI Act here. The EU AI Act imposes obligations on providers, importers, distributors and deployers of AI systems and General-Purpose AI Models (GPAIMs). ...more

The European Data Act: 5 Things Cloud Services Provider Should Know

This Essential Guide to the European Data Act is part of Orrick's Cybersecurity & Privacy Compass Series. The Cybersecurity & Privacy Compass is your global guide to the evolving cybersecurity and privacy regulatory...more

The European NIS-2 Directive: Does It Apply to You?

The European Network and Information Security 2 Directive aims to mitigate threats to network and information systems and ensure the continuity of services in the event of cybersecurity incidents. Member States must pass...more

CJEU Issues Landmark Adtech Decision on Personal Data and Joint Control with Broad Implications: What You Need to Know and Do

The Court of Justice of the European Union (CJEU) has made a landmark decision (7 March 2024, C-604/22) on the intricacies of adtech, personal data, and joint control against the background of the General Data Protection...more

China Eases Requirements for Cross-Border Data Transfers

In this Essential Guide, part of Orrick’s Cybersecurity & Privacy Compass Series, we offer insights into the Cyberspace Administration of China's (CAC) new rules and requirements for cross-border data transfers. The...more

The EU AI Act: Who Is Covered?

This overview is part of a wider series of articles on the AI Act. For recommended steps to take in the first six months, our latest update is available here. The European AI Act has a broad material and territorial scope of...more

European Data Act: Harmonised Rules on Fair Access to and Use of Data

This Essential Guide to the European Data Act is part of Orrick's Cybersecurity & Privacy Compass Series. The Cybersecurity & Privacy Compass is your global guide to the evolving cybersecurity and privacy regulatory...more

Landmark Ruling: The Court of Justice of the European Union Rejects Strict Liability in the General Data Protection Regulation

In this Essential Guide, which is part of Orrick’s Cybersecurity & Privacy Compass Series, we will provide insight into the potential fines that companies may face for violating the General Data Protection Regulation...more

5 Things to Know About Germany’s Draft Law Implementing the NIS2 Directive

The European Parliament approved the Network and Information Security 2 Directive (“NIS 2”) last year, expanding the scope of the Network and Information Security Directive (“NIS”). Now Germany has introduced the draft of the...more

The European Commission Adopts the EU-U.S. Data Privacy Framework

The European Commission today approved the long-awaited framework for data transfers to the United States. What is the decision about? Today's decision means that organisations subject to the GDPR can benefit from an adequacy...more

The EU Data Act: Harmonized Rules on Fair Access to and Use of Data

This essential guide to the European Data Act is part of Orrick’s Cybersecurity & Privacy Compass Series. The Cybersecurity & Privacy Compass is your global guide to constant cybersecurity and privacy change. In this guide,...more

Modified Liability for AI: EU Review of AI Liability Rules

The EU AI Act, which is progressing towards adoption by the end of 2023, will be complemented by an update to the European civil liability rules applicable to AI-related claims. Towards the end of 2022, the EU Commission...more

CJEU Denies a Minimum Threshold for Raising Non-Monetary GDPR Damage Claims

On 4 May 2023 the European Court of Justice ("CJEU") published its decision (case no. C-300/21) in which it ruled that not any infringement of the General Data Protection Regulation ("GDPR") triggers the right to compensation...more

Data Subject Access Requests – 5 Things Your Company Needs to Consider

Both the EU and UK GDPR grant data subjects rights in relation to their personal data. Article 15 gives data subjects the right to access their personal data and increasingly, data subjects are exercising this right by...more

European Tech Regulations: What You Need to Know

Europe is in the midst of a transformation of its regulatory strategy for digital technologies. The EU has passed or proposed a number of laws affecting digital service providers in a broad range of legal areas and sectors....more

5 Things You Need to Know About the EDPB's Cookie Report

On 18 January 2023, the European Data Protection Board ("EDPB") published a report on the work undertaken by its Cookie Banner Task Force to ensure a uniform approach regarding a number of cookie-banner-related complaints...more

The European Commission’s Digital Services Act (DSA) is Approved: What You Need to Know

This is an update to our previous coverage of the Digital Services Act (“DSA”). The final text of Europe’s (EU) Digital Services Act (“DSA”) was recently approved by the Council of the EU Member States. That means that the...more

6 Things to Know About the New EU-U.S. Data Privacy Framework

In early October, the United States (“U.S.”) and European Union (“EU”) came one step closer to the much-awaited new EU-US Data Privacy Framework (the “Framework”), designed to facilitate transatlantic data flows between the...more

"42", the Answer to the Number of Authorities Notified in Cross-Border Breaches – Don't Panic!

Last week, the European Data Protection Board ("EDPB") published a long-awaited update of its guidance on breach notification—which did not contain much news generally. However, it does bring a significant new burden for...more

Advocate General of ECJ on GDPR Damages. Is relief from non-substantial claims in sight?

While claims for damages in the event of data protection violations have theoretically existed for some time, they have been gaining in importance since the introduction of the General Data Protection Regulation ("GDPR")....more

EDPB Releases New Guidelines on the Calculation of Administrative Fines

After months of anticipation, the European Data Protection Board (EDPB) adopted new Guidelines on the calculation of administrative fines under the GDPR in May 2022. With the newly released Guidelines, the EDPB seeks to...more

Increased Scrutiny of Employee Monitoring Practices: Top 5 Takeaways Employers Need to Know

We are observing growing regulatory scrutiny of advanced employee monitoring practices, particularly from the European Union. Here are the key takeaways... ...more

10 Things to Know about the European Commission’s Questions and Answers on the GDPR Standard Contractual Clauses - Summer Global...

On June 4, 2021, the European Commission (the “Commission”) published its implementing Decision adopting standard contractual clauses for transfer of personal data to third countries (the “SCCs”) designed to comply with the...more

Update: European Subsidiaries of U.S. Cloud Providers Can Offer IT Services in the EU

The decision of the Procurement Chamber of Baden-Württemberg was annulled by the Higher Regional Court of Karlsruhe in its legally binding decision on September 9, 2022. In contrast to the approach chosen by the Procurement...more

Can European Subsidiaries of U.S. Cloud Providers No Longer Provide IT Services in the EU?

Analysis of the Baden-Württemberg Procurement Chamber on the admissibility of the use of IT services by European subsidiaries of U.S. cloud providers I. Background In its recently published decision (12 July 2022), a...more

101 Results
 / 
View per page
Page: of 5

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide