Following several years of drafts and negotiations, on March 13, the European Parliament approved the EU’s Artificial Intelligence Act (the AI Act), making it the world’s first comprehensive AI legislation....more
On today’s episode of AD Nauseam – which is the first of a two-part series – Amy, Daniel and Nichole talk about AI and why it’s such a broad pressing concern.
Questions & Comments: amudge@bakerlaw.com;...more
On December 4, the National Association of Insurance Commissioners unanimously adopted a model bulletin on the use of artificial intelligence in insurance. The model bulletin is intended for use by state insurance regulators...more
By now, many of us are using AI, advising others about how to use AI, and waiting for some legislative miracle to give us some guardrails for what we can or cannot be doing with AI. A lot of effort has been put into tracking...more
10/11/2023
/ Argentina ,
Artificial Intelligence ,
Australia ,
Canada ,
Corporate Counsel ,
Data Privacy ,
Data Protection ,
Data Protection Authority ,
EU ,
General Data Protection Regulation (GDPR) ,
Ireland ,
Italy ,
Japan ,
Machine Learning ,
New Zealand ,
Norway ,
Popular ,
Regulatory Agenda ,
South Korea ,
Spain ,
UK
On July 10, 1962, NASA launched Telstar 1, the first active communications satellite linking Europe and the United States through live television transmission. Sixty-one years later, on July 10, 2023, the European Commission...more
7/13/2023
/ Adequacy Requirement ,
Corporate Counsel ,
Data Privacy ,
EU ,
EU-US Privacy Shield ,
European Commission ,
European Economic Area (EEA) ,
Executive Orders ,
Framework Agreement ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Privacy Framework ,
Schrems I & Schrems II ,
Self-Certification ,
Standard Contractual Clauses ,
Switzerland ,
UK ,
US-EU Safe Harbor Framework
As part of the health budget bill signed by Governor Hochul in early May, New York has amended its General Business Law, introducing a prohibition on geofencing of health care facilities that goes into effect on July 2, 2023...more
The Data Security Incident Response Report features insights and metrics from 1,270+ incidents that members of the firm’s DADM Practice Group helped clients manage in 2021.
This episode takes us deeper into personal data...more
Our 2022 Data Security Incident Response Report discussed how businesses can be better positioned to meet the tight data breach notification deadlines now imposed in dozens of countries worldwide. In particular, we...more
7/15/2022
/ California Privacy Rights Act (CPRA) ,
Data Deletion ,
Data Management ,
Data Protection ,
Data Retention ,
Electronically Stored Information ,
General Data Protection Regulation (GDPR) ,
Legitimate Business Purpose ,
Personal Data ,
Regulatory Authority ,
Risk Mitigation
This Update highlights some of the international data protection issues that caught our attention and the attention of our clients over the winter, including updates on European data transfers and cookie compliance,...more
3/15/2022
/ Cookies ,
Corporate Counsel ,
Cybersecurity ,
Data Privacy ,
Data Processors ,
Data Protection ,
Data Protection Authority ,
Enforcement Actions ,
EU ,
International Data Transfers ,
Russia
On November 18, 2021, the European Data Protection Board (EDPB) adopted its new draft guidance on the interplay between Article 3 of the European Union’s General Data Protection Regulation (GDPR) and Chapter V of the same...more
This update highlights some of the international data protection issues that caught our attention, and the attention of our clients, over the summer. Asia-Pacific - China’s Data Security Law and Personal Information...more
The 2021 edition of BakerHostetler’s annual Data Security Incident Response Report highlights some regulatory enforcement trends we saw from the European Union (EU) data protection authorities (DPAs) during the past year. EU...more
On June 4, 2021, the European Union’s (EU) executive branch, the European Commission (EC), released their new Standard Contractual Clauses (SCCs) for compliant cross-border data transfers under the EU’s General Data...more
Our last AI post on this blog, the New (if Decidedly Not ‘Final’) Frontier of Artificial Intelligence Regulation, touched on both the Federal Trade Commission’s (FTC) April 19, 2021, AI guidance and the European Commission’s...more
The week of April 19 was an eventful one for practitioners following the evolution of potential artificial intelligence (AI) enforcement both in the United States and abroad, answering some questions regarding which...more
This quarterly update highlights some of the international data protection issues that have caught our attention, and the attention of our clients, in the past three months....more
3/30/2021
/ Asia Pacific ,
CNIL ,
Cookies ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Processors ,
Data Protection ,
Data Protection Authority ,
Data Security ,
Data Transfers ,
Enforcement Actions ,
EU ,
European Data Protection Board (EDPB) ,
General Data Protection Regulation (GDPR) ,
Notice Requirements ,
Personal Data ,
Popular ,
Russia ,
South America ,
UK ,
Web Tracking
Summary Advising our clients on compliance with laws and regulations is, hands down, the most important aspect of our role as attorneys. In addition to seeking counsel on their obligations under laws and regulations, however...more
Last week, both the European Data Protection Board (EDPB) and the European Commission released highly anticipated draft documents offering guidance to organizations that engage in cross-border data transfers involving EU...more
The California Consumer Privacy Act (CCPA) does not in itself outline specific employee training or record-keeping requirements that demonstrate business compliance with the law. However, the California attorney general’s...more
Quick Links - CJEU Press Release - CJEU Decision - Press Releases from the Parties - Irish Data Protection Commission - Max Schrems - U.S. Department of Commerce - Electronic Privacy Information Center (EPIC) - BSA The...more
Following its investigation of a personal data breach, the Belgian Data Protection Authority (DPA) issued a ruling on April 28, 2020, imposing a €50,000 fine on an organization for negligence in having appointed the company’s...more
The California Consumer Privacy Act (CCPA), California Civil Code §1798.100 and following, does not in itself outline specific training and record-keeping requirements that demonstrate business compliance with consumer...more
On January 10, Advocate General Maciej Szpunar released an opinion recommending that Google and other search engines should not be forced to apply the EU’s “right to be forgotten” beyond the EU. ...more
The Clarifying Lawful Overseas Use of Data Act (Pub. L. No. 115-141 (2018), or the CLOUD Act, was enacted in the U.S. on March 23, 2018, in response to difficulties U.S. law enforcement agencies (LEAs) had when attempting to...more
The practice of e-discovery has always incorporated considerations of new and emerging technologies as well as related attorney competence. With the advent of cloud services and significant use by clients, e-discovery...more