The EU Data Act came into effect on September 12, 2025. The European Commission has announced that further tools are in progress to assist with implementation of the EU Data Act, such as setting up a “Data Act Legal...more
Malicious actors continue to exploit our connected digital ecosystem, disrupting organizations across all sectors. Some of the most significant evolutions in the cyber threat landscape stem from artificial intelligence...more
10/20/2025
/ Artificial Intelligence ,
Cyber Threats ,
Cybersecurity ,
Data Security ,
Deep Fake ,
Incident Response Plans ,
Phishing Scams ,
Ransomware ,
Risk Management ,
Supply Chain ,
Third-Party Risk
With the blistering pace of AI development and deployment, regulation has struggled to keep pace. As legislators and regulators grapple with the risks involved in the use of AI and how best to control those risks (if at all),...more
ABSTRACT -
Intellectual Property (IP) litigation can be complex, resource-intensive, and dependent on nuances like patent claim scope or trade secret definitions. But issues from underlying IP transactions or license...more
The UK's Online Safety Act (the "Act") is a transformative piece of legislation and is introducing extensive online safety obligations for user-to-user services, search services and pornography platforms. The Act encompasses...more
Obligations relating to general-purpose artificial intelligence (“GPAI”) models under the EU AI Act enter into force on 2 August 2025. Ahead of this deadline, the European Commission (the “Commission”) has published a suite...more
On 19 June 2025 the Data (Use and Access) Act (the "DUA Act") received Royal Assent and became law in the UK, having been passed by the UK Parliament on 11 June 2025. The DUA Act principally reforms the General Data...more
On 19 June 2025 the Data (Use and Access) Act (the "DUA Act") received Royal Assent and became law in the UK, having been passed by the UK Parliament on 11 June 2025....more
7/7/2025
/ Artificial Intelligence ,
Copyright ,
Data Protection ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Machine Learning ,
New Legislation ,
Privacy and Electronic Communications Regulation 2003 (PECR). ,
Privacy Laws ,
Regulatory Reform ,
UK
On 19 June 2025 the Data (Use and Access) Act (the "DUA Act") received Royal Assent and became law in the UK, having been passed by the UK Parliament on 11 June 2025. The DUA Act principally reforms the General Data...more
The first requirements under the EU Artificial Intelligence (AI) Act come into effect on February 2, 2025, banning the use of AI systems that involve prohibited AI practices and requiring providers and deployers of AI systems...more
2/7/2025
/ Artificial Intelligence ,
Data Protection ,
Employee Training ,
EU ,
Facial Recognition Technology ,
Innovative Technology ,
Machine Learning ,
Professional Development ,
Regulation ,
Regulatory Requirements ,
Risk Management ,
Technology Sector
Artificial intelligence (AI) and other emerging technologies have the potential to revolutionize the financial industry. At the same time, its use introduces new risks that need to be anticipated and addressed. This paper...more
1/24/2025
/ Algorithms ,
Artificial Intelligence ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Emerging Technologies ,
Employment Discrimination ,
Financial Institutions ,
Financial Services Industry ,
Innovative Technology ,
Machine Learning ,
Regulatory Agenda ,
Risk Assessment ,
Risk Management
Beginning 17 January 2025, the Digital Operational Resilience Act (DORA) will apply to almost all EU financial entities, including banks, insurers and reinsurers, brokers , payment and electronic money institutions,...more
1/20/2025
/ Cryptoassets ,
Cybersecurity ,
Data Security ,
Digital Operational Resilience Act (DORA) ,
EU ,
Financial Institutions ,
Financial Services Industry ,
Information and Communication Technology (ICT) ,
Information Technology ,
Regulatory Requirements ,
Risk Management
On 17 October 2024, the European Commission adopted the first Implementing Regulation under the Network and Information Security 2 Directive (EU) 2022/2555 (NIS2), focusing on digital infrastructures and services. The...more
10/21/2024
/ Cloud Computing ,
Cyber Incident Reporting ,
Cybersecurity ,
Data Centers ,
Data Protection ,
EU ,
European Commission ,
Incident Response Plans ,
Infrastructure ,
Member State ,
New Regulations ,
Online Marketplace ,
Regulatory Requirements ,
Risk Management
The Network and Information Security 2 Directive (EU) 2022/2555 ("NIS2") entered into force on 16 January 2023. NIS2 sets cyber rules for organizations whose services are considered essential or important for maintaining...more
8/5/2024
/ Compliance ,
Cybersecurity ,
Data Protection ,
Data Security ,
EU ,
EU Directive ,
European Commission ,
Member State ,
New Legislation ,
Public Policy ,
Risk Management
As the European Union sets the stage for groundbreaking AI regulation, our podcast offers a comprehensive exploration of this landmark legislation. Join us as we dissect the EU AI Act, unpacking its key provisions and...more
Mayer Brown Partners Ana Bruder, Justin Herring, and Oliver Yaros focus on cybersecurity risks and regulations in the EU and UK. They explore third-party risks, ransomware incidents, and the impact of AI, while examining how...more
As the European Union sets the stage for groundbreaking AI regulation, our podcast offers a comprehensive exploration of this landmark legislation. Join us as we dissect the EU AI Act, unpacking its key provisions and...more
On July 12, 2024, the EU AI Act (EU Regulation 1689/2024) was published in the Official Journal of the European Union. The text of the law is final and will enter into force on August 1, 2024. Its provisions will apply...more
As the European Union sets the stage for groundbreaking AI regulation, our podcast offers a comprehensive exploration of this landmark legislation. Join us as we dissect the EU AI Act, unpacking its key provisions and...more
As the European Union sets the stage for groundbreaking AI regulation, our podcast offers a comprehensive exploration of this landmark legislation. Join us as we dissect the EU AI Act, unpacking its key provisions and...more
As the European Union sets the stage for groundbreaking AI regulation, our podcast offers a comprehensive exploration of this landmark legislation. Join us as we dissect the EU AI Act, unpacking its key provisions and...more
On May 21, 2024, the last missing approval for the EU AI Act was given by the European Council. The text of the law is final and will be published in the coming days. Here we summarize key points as well as note potential...more
5/23/2024
/ Algorithms ,
Artificial Intelligence ,
Automation Systems ,
Cybersecurity ,
Data Privacy ,
EU ,
Innovative Technology ,
Machine Learning ,
New Regulations ,
Regulatory Reform ,
Regulatory Requirements
Join us on the latest episode of Financial Services Focus as Justin Herring, Jeff Taft and Ana Bruder discuss key cyber threats facing the financial services industry, including third-party risks, sophisticated ransomware,...more
The Information Commissioner's Office (the "ICO") has clarified the methods it will use to calculate the fines it will issue for breaches of data privacy law in the UK by publishing its latest Data Protection Fining Guidance...more
In this episode, we explore the ever-evolving realm of AI regulation and how it's reshaping technology transactions and internal governance worldwide. Join host Julian Dibbell and guests Ana Bruder, Arsen Kourinian, and...more
4/18/2024
/ Artificial Intelligence ,
Corporate Governance ,
Cross-Border ,
Cybersecurity ,
EU ,
Innovative Technology ,
Intellectual Property Protection ,
IP License ,
Legislative Agendas ,
Machine Learning ,
Popular ,
Privacy Laws