The European Union (EU) has revised its Cybersecurity Directive (NIS2). The new rules will apply to a wide range of companies in many sectors, create new cybersecurity obligations, and impose high fines for noncompliance. EU...more
The firm is pleased to distribute the Q4 2023 edition of All Eyes on AI: Regulatory, Litigation, and Transactional Developments, which closely follows the evolving regulatory landscape for artificial intelligence (AI) in the...more
2/5/2024
/ Artificial Intelligence ,
California ,
California Privacy Protection Agency (CPPA) ,
CFIUS ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Federal Trade Commission (FTC) ,
Machine Learning ,
Personal Information ,
Proposed Legislation ,
Risk Assessment ,
Securities and Exchange Commission (SEC)
In 2024, businesses will continue to face an evolving landscape of privacy opportunities and challenges, including an increasingly complex data regulatory environment that extends beyond the General Data Protection Regulation...more
In 2024, businesses will continue to face an evolving landscape of cyber threats, along with an increasingly complex regulatory environment. With heightened scrutiny from regulators, consumers, and investors, the need to...more
1/4/2024
/ Artificial Intelligence ,
Biden Administration ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
EU ,
Federal Contractors ,
Financial Institutions ,
Hackers ,
Popular ,
Reporting Requirements ,
Securities and Exchange Commission (SEC)
On December 8, 2023, the EU finally agreed on the world’s first comprehensive legal framework on AI: the AI Act. EU lawmakers reached a political agreement on a series of controversial issues after record-long negotiations....more
On July 10, 2023, the European Commission (EC) adopted an adequacy decision in relation to the EU-U.S. Data Privacy Framework (DPF). This paves the way for organizations to certify to the DPF, reducing friction for transfers...more
On June 28, 2023, the European Commission (EC) published a Proposal for a Regulation on Financial Data Access (FIDA). FIDA aims to create a framework through which data holders (e.g., banks, credit institutions) share the...more
On July 4, 2023, the European Commission (EC) published its proposal for a regulation laying down additional procedural rules for the enforcement of the EU General Data Protection Regulation (GDPR) (proposal). The proposal...more
7/5/2023
/ Cross-Border Transactions ,
Data Controller ,
Data Processors ,
Data Protection ,
Data Security ,
EU ,
EU Data Protection Laws ,
European Commission ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data
On June 8, 2023, the UK and the U.S. governments issued a joint statement announcing that they had committed in principle to the establishment of a “UK Extension to the Data Privacy Framework,” which would facilitate flows of...more
In Europe, recent advances in artificial intelligence (AI) have given rise to intense debate over how this technology should be regulated. Companies that have developed AI tools, or who are considering implementing AI, should...more
6/16/2023
/ Algorithms ,
Artificial Intelligence ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
EU ,
Machine Learning ,
Privacy Laws ,
Technology Sector ,
UK
On February 24, 2023, the European Commission (EC) opened a public consultation on its initiative (Initiative) to revise procedural rules relating to the enforcement of the EU General Data Protection Regulation (GDPR). The EC...more
On October 7, 2022, President Biden signed an Executive Order (Order) on Enhancing Safeguards for United States Signals Intelligence Activities. This marks the latest step towards the new EU-U.S. Data Privacy Framework...more
EU lawmakers are preparing a new Artificial Intelligence Act (AIA). Timing for adoption remains unclear, but once the AIA enters into force, it will impose strict obligations on providers and users of AI systems. In the...more
On March 25, 2022, the U.S. and EU announced that they reached a political agreement in principle on a new "Trans-Atlantic Data Privacy Framework" (the Framework). This would be the third framework for EU-U.S. personal data...more
On February 2, 2022, the UK privacy regulator (i.e., the Information Commissioner's Office or the ICO) issued new model clauses to support data transfers from the UK. Subject to approval by the UK Parliament, the new model...more
They State That Direct Collection of Personal Data by Non-EU Companies Is Not a "Data Transfer" Under the GDPR On November 18, 2021, the European Data Protection Board (EDPB) issued guidelines (Guidelines) that—for the first...more
As of September 27, 2021, companies relying on Standard Contractual Clauses (SCCs) to transfer personal data outside the European Union (EU) must use the new Standard Contractual Clauses (New SCCs) when signing data...more
New Set of SCCs for Data Transfers to Third Countries On June 4, 2021, the European Commission (EC) published its long awaited new set of Standard Contractual Clauses (New SCCs). This new data transfer mechanism allows for...more
On January 18, 2021, the European Data Protection Board (EDPB), comprised of all national supervisory authorities (SAs) of the European Union, published draft guidelines for data breach notification (the Guidelines)....more
2/12/2021
/ Corporate Counsel ,
Cybersecurity ,
Data Management ,
Data Privacy ,
Data Protection ,
EU ,
EU Data Protection Laws ,
European Data Protection Board (EDPB) ,
General Data Protection Regulation (GDPR) ,
Personal Data ,
Popular
On July 8, 2019, the UK Information Commissioner’s Office (ICO) announced its intention to fine British Airways GBP 183.39 million over a data breach in which the personal data of approximately 500,000 customers was...more
On December 15, 2015, the European Parliament and the Council of the European Union (Council) reached a political agreement on the future EU data protection legal framework. This is a significant step towards adoption of the...more
In this issue of The WSGR Data Advisor, we examine the FCC’s recent TCPA declaratory ruling and order addressing issues regarding calling and texting consumers, and discuss the new privacy, data security, and transparency...more
9/11/2015
/ Auto-Dialed Calls ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Declaratory Rulings ,
Department of Health and Human Services (HHS) ,
Drones ,
Electronic Medical Records ,
EU ,
FCC ,
Federal Trade Commission (FTC) ,
New Legislation ,
Online Privacy Protection Act ,
Security and Privacy Controls ,
TCPA ,
Technical Standards ,
Text Messages
In this issue:
- Navigating Public Company Cybersecurity Obligations: Advising Boards and Disclosing to Investors
- FTC Updates School-Related COPPA Guidance
- Status Update on the EU Data Protection...more
7/14/2015
/ Anti-Spam Legislation ,
Barack Obama ,
Board of Directors ,
Canada ,
COPPA ,
Cybersecurity ,
Data Breach ,
Data Protection ,
EU ,
Federal Trade Commission (FTC) ,
Privacy Laws ,
Public Disclosure ,
Publicly-Traded Companies ,
Risk Assessment ,
Risk Management ,
Sanctions ,
Security and Privacy Controls
On June 15, 2015, the Ministers of Justice of all 28 European Union member states, sitting as the Council of the EU (Council), reached a crucial agreement for the future EU data protection legal framework. Much work still...more
On May 25, 2015, the French data protection authority (CNIL) published its annual inspection program for 2015, unveiling its objectives and priorities for the year. This alert highlights the main priorities of the CNIL for...more
5/29/2015
/ BCRs ,
CNIL ,
Data Collection ,
Data Protection ,
EU ,
France ,
Mobile Payments ,
Popular ,
Privacy Laws ,
Technology ,
Wifi