When AI Meets PI: Assessing and Governing AI from a Privacy Perspective
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Healthcare Document Retention
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
Episode 326 -- Dottie Schindlinger on Diligent's Report on Board Oversight of Cybersecurity Risks and Performance
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Information Security and ISO 27001
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
No Password Required: Education Lead at Semgrep and Former Czar for Canada’s Election Security
Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
Data Centers: Demand, Development, and Future Challenges With Ali Greenwood — TAG Infrastructure Talks Podcast
AGG Talks: Women in Tech Law - Episode 1: Charting the Course: Women Trailblazing in Cybersecurity and Crisis Governance
Securities and Exchange Commission. Customer ID requirements. On May 13, 2024, SEC and FinCEN proposed a rule designed to make it more difficult for criminal actors to establish customer relationships with investment...more
Laws/Regulations directly regulating AI (the “AI Regulations”) - Currently, there are no specific laws, statutory rules, or regulations in Switzerland that directly regulate AI. AI in Switzerland is currently subject to...more
Colorado Governor Jared Polis signed H.B. 24-01058 into law on Wednesday, April 17, 2024. The law amends the definition of personal information protected by the state’s privacy law to include protections for data generated by...more
It has been some time already since the EU Digital Services Act (Regulation 2022/2065, DSA) was published, and since then, the discussions about Very Large Online Platforms (VLOPs) and Very Large Online Search Engines...more
Eli Lilly v Teva, Pharmascience, Riva, Apotex, Mylan (tadalafil, CIALIS) – Following a summary trial, Lilly’s infringement actions were dismissed: composition claims directed to “a physiologically acceptable salt” of...more
This article is the first in our three-part series focused on data privacy considerations related to the use of Artificial Intelligence (AI) and machine learning. This first article highlights privacy topics related to the...more
The European Medicines Agency (EMA) published Version 1.1 of its “Guidance on how to approach the safeguarding of personal protected data (“PPD”) and commercially confidential information (“CCI”) while using the Clinical...more
We recently published an alert in relation to the European Commission’s legislative proposals to replace the current EU regulatory framework for all medicines (including those for rare diseases and for children). One of the...more
Artificial intelligence (AI) is expanding into more industries (often in surprising ways) and has inevitably caught the attention of federal and state regulators. Our Privacy, Cyber & Data Strategy Team summarizes the...more
Last week, the California Privacy Protection Agency (CPPA) released updated California Privacy Rights Act (CPRA) draft regulations and a summary of the changes. The regulations remain in the proposal stage and it is unclear...more
On September 30, 2022, the White House kicked off Cybersecurity Awareness Month by reminding citizens of the impacts cyberattacks can have on critical infrastructure such as “electric grids and fuel pipelines … and many other...more
The New York Department of Financial Services (“DFS”) has proposed rule changes to increase cyber compliance requirements. DFS has been the leading regulatory force in the cybersecurity industry. ...more
On July 18, 2022, the UK government published high-level proposals for its approach to regulating uses of artificial intelligence (AI), as part of its National AI Strategy and, more broadly, its UK Digital Strategy. The...more
The Big Picture - Last week, congressional leaders released a draft bipartisan bill that, if adopted, would establish the nation’s first comprehensive federal privacy law. The American Data Privacy and Protection Act...more
On May 20, 2022, with little fanfare and just five short paragraphs, the Federal Trade Commission announced that businesses must publicly report security incidents to prevent potential harms, even if no other applicable law...more
Is your business one that has not prioritized compliance with data privacy laws because you do not collect personal data about your customers? If so, you are in good company, but it is time to reframe your approach on data...more
Last month, on Data Privacy Day, Colorado’s Attorney General Philip Weiser released prepared remarks entitled “The Way Forward on Data Privacy and Data Security” that shed some light on his approach to enforcing Colorado’s...more
On January 12, 2022, the French data protection authority (“CNIL“) published guidance on the reuse of personal data by processors for their own purposes (the “Guidance”)....more
Started in Europe in 2007, Data Privacy Day, or Data Protection Day as it is known internationally, is an international effort that takes place annually on January 28 to create awareness of the importance of data privacy. In...more
The Québec National Assembly has passed and the Lieutenant-Governor has assented to Bill 64, An Act to modernize legislative provisions as regards the protection of personal information (Act). The Act, which became law on...more
This is the second in a series of articles about the implications of the California Privacy Rights Act for employers. - The California Privacy Rights Act (“CPRA”), which goes into effect on January 1, 2023, grants six new...more
Colorado just became the third state to pass a comprehensive data privacy law, creating more challenges for businesses trying to navigate a variety of state, federal, and international privacy regimes. The Colorado Privacy...more
The European Commission (“EC”) has long sought to improve data privacy for Europeans, even when they interact with global or non-European companies. Laws like the General Data Protection Regulation (or “GDPR”) seek to...more
Introduction Colorado has joined California and Virginia as the third state with a comprehensive data privacy law. On July 7, 2021, Colorado Governor Polis signed the Act into law, following the Colorado Senate's passage of...more
On 1 June 2021, the Hong Kong Government announced that it will enact the Telecommunications (Registration of SIM Cards) Regulation (Regulation) to implement the Real-name Registration Programme for subscriber identity module...more