This is part three of our examination of the European Union’s new artificial intelligence law (the “EU AI Act”). In part one, we introduced the scope of the EU AI Act and discussed what types of AI systems are outright...more
This is part two of our examination of the European Union’s new artificial intelligence law, the (“EU AI Act”). In part one, we introduced the scope of the EU AI Act and discussed what types of AI systems are outright...more
New cybersecurity guidance for artificial intelligence (AI) systems, available here, was recently issued jointly by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the FBI, the National Security Agency’s...more
The European Union recently enacted its new artificial intelligence regulation, the (“EU AI Act”). The new law is expected to have a substantial impact on the AI industry, including on companies outside of the EU, much as...more
Since late June 2023, the California Privacy Protection Agency (CPPA) has been prohibited by court order from enforcing the regulations it finalized on March 29 of last year. According to that ruling, because the text of the...more
On October 10, Governor Gavin Newsom signed into law California’s most recent foray into the world of consumer data privacy: the Delete Act. Targeting so-called data brokers, the Act expands on regulations already in place...more
On July 26, 2023, the Securities and Exchange Commission (SEC) announced the adoption of final rules relating to cybersecurity risk management, strategy, governance, and incident disclosures. The new rules define a...more
The European Union (EU) announced on July 10 that it had formally adopted the adequacy decision for the EU-U.S. Data Privacy Framework, which goes into effect on July 11. U.S. organizations have been without a...more
On May 22, Ireland’s Data Protection Commission (DPC) announced that it had imposed a €1.2 billion fine on Meta Platforms for violating the European Union’s General Data Protection Regulation (GDPR) in its use of standard...more
With so much attention focused on the California Privacy Rights Act (CPRA) going into effect on January 1, 2023, it is not surprising that the enactment of another far-reaching California privacy law has flown beneath the...more
On June 4, 2021, the European Commission introduced the new set of Standard Contractual Clauses (“SCCs”), a primary mechanism for lawfully transferring personal data from Europe to the United States under the European Union’s...more
Meghan Stoppel, who spent over a decade serving as an Assistant Attorney General, and later a Consumer Protection Chief, to both Democratic and Republican state attorneys generals, talks to Andy Baer, Chair of Cozen...more
On March 9, 2022, the U.S. Securities and Exchange Commission (SEC) proposed new rules that would require public companies to report detailed information about material cybersecurity incidents affecting their business and...more
The Federal Financial Institutions Examination Council (FFIEC), an interagency body of leading financial regulators, including the Federal Deposit Insurance Corporation and the Office of the Comptroller of the Currency,...more
On November 10, the European Data Protection Board (EDPB), the European Union’s top data privacy regulator, issued long-awaited guidance setting out a framework for navigating transfers of data out of the European Economic...more
On June 24, the eve of the July 1 enforcement date for the California Consumer Privacy Act (CCPA), the California Secretary of State certified the California Privacy Rights Act (CPRA), the latest brainchild of privacy...more