On March 13, 2024, the European Parliament adopted the Artificial Intelligence Act (AI Act). It is considered to be the world’s first comprehensive horizontal legal framework for AI. It provides for EU-wide rules on data...more
3/15/2024
/ Artificial Intelligence ,
EU ,
European Commission ,
European Parliament ,
Extraterritoriality Rules ,
General Data Protection Regulation (GDPR) ,
Machine Learning ,
Member State ,
New Legislation ,
OECD ,
Risk Assessment ,
Technology Sector
On July 10, 2023, the European Commission adopted its long-awaited adequacy decision for the EU-U.S. Data Privacy Framework (“Adequacy Decision”). This ends a three-year journey to set up a successor to the EU-U.S. Privacy...more
7/12/2023
/ Adequacy Requirement ,
Court of Justice of the European Union (CJEU) ,
Department of Justice (DOJ) ,
EU ,
EU-US Privacy Shield ,
European Commission ,
Executive Orders ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Iceland ,
International Data Transfers ,
Liechtenstein ,
Member State ,
Norway ,
Personal Data ,
U.S. Commerce Department
On June 21, 2023, Senate Majority Leader Chuck Schumer joined the Center for Strategic and International Studies (CSIS) to launch his SAFE Innovation Framework, a comprehensive approach to address challenges associated with...more
On June 14, 2023, the European Parliament adopted its negotiating position regarding the proposal of the European Commission for a regulation laying down harmonized rules on artificial intelligence. This is the most recent...more
6/16/2023
/ Artificial Intelligence ,
Contract Negotiations ,
Distributors ,
EU ,
European Commission ,
European Parliament ,
Importers ,
International Harmonization ,
Machine Learning ,
Proposed Legislation ,
Risk Assessment ,
Risk-Based Approaches
On December 13, 2022, the European Commission initiated the process to adopt an adequacy decision for the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”). The draft adequacy decision follows President Biden’s October Executive...more
On May 16, 2022, the European Data Protection Board (EDPB), the independent body of data protection supervisors that promotes consistent data protection rules and application thereof throughout the European Union (EU),...more
5/31/2022
/ Artificial Intelligence ,
Biometric Information ,
Corporate Counsel ,
Corporate Fines ,
Data Protection Authority ,
Enforcement Actions ,
EU ,
European Data Protection Board (EDPB) ,
Facial Recognition Technology ,
General Data Protection Regulation (GDPR) ,
Law Enforcement ,
New Guidance ,
Personal Data ,
Right to Privacy
On March 25, 2022, US President Joe Biden and European Commission President Ursula von der Leyen made the long-awaited announcement that the United States and the European Union have agreed, in principle, to the...more
The European Commission has presented its draft Data Act, which will affect a broad range of companies and heavily emphasizes data accessibility and fairness. Companies should begin to evaluate their current practices and...more
Businesses that transfer personal data to and from the United Kingdom will soon have clarity regarding transfers from the UK to recipients outside the EU/EEA.
On February 2, 2022, the United Kingdom Secretary of State...more
Last week, the Belgian Data Protection Authority ruled that the IAB’s cookie consent framework violated the GDPR. This decision has tremendous potential implications on the ad tech industry, as both publishers and advertisers...more
2/8/2022
/ Adtech ,
Advertising ,
Belgium ,
Consent ,
Cookies ,
Data Controller ,
Data Protection Authority ,
EU ,
General Data Protection Regulation (GDPR) ,
Online Advertisements ,
Publishers
On June 4th, 2021, the European Commission adopted and published a new set of so-called standard contractual clauses (“SCCs”) providing a legal basis for international transfers of personal data from the EU/EEA to third...more
6/7/2021
/ EU ,
EU-US Privacy Shield ,
European Commission ,
European Court of Justice (ECJ) ,
European Economic Area (EEA) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Schrems I & Schrems II ,
Standard Contractual Clauses ,
UK
In the wake of COVID-19, businesses have a host of health regulations and recommendations to consider before they resume in-person activity. Some employers plan to screen for symptoms, including regular thermal testing (or...more
The European Court of Justice (the “Court”) issued the long-awaited “Schrems II” decision. (see Facebook Ireland Ltd. v. Maximillian Schrems).
In its decision, the Court (1) struck down the Privacy Shield program that...more