The European Union’s new AI Act (the Act) went into efect on 1 August 2024. The Act is the first-ever comprehensive law focused on artifcial intelligence and machine learning (collectively, AI). The Act impacts many...more
A recent decision by the Court of Justice of the European Union will extend the EU General Data Protection Regulation’s automated decision-making restrictions to many present and future use cases of such technologies. While...more
The new EU AI Act contains provisions that reach beyond EU borders that could conflict with US copyright law, among others, when proprietary datasets are used for AI training. Therefore, US companies doing business in Europe...more
The Council of the European Union adopted the Data Act on November 27, 2023. The Data Act, together with the Data Governance Act and EU General Data Protection Regulation (GDPR), as key elements of the broader European data...more
The Swiss government has drafted a proposed list of countries that are approved to receive personal data transfers out of Switzerland. Japan and South Korea are excluded from the current and proposed lists, requiring...more
World events, such as the COVID-19 pandemic, have accelerated the need for business operations to grow more digitally reliant and driven. As the global network grows and becomes more interconnected, privacy and...more
9/15/2022
/ Biometric Information ,
Computer Fraud and Abuse Act (CFAA) ,
Corporate Counsel ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Personal Information Protection Law (PIPL) ,
Popular
The European Commission has finally approved two decisions on 28 June granting the United Kingdom the cherished status of having “adequate” data protection laws so that transfers of personal data from the European Union are...more
Importers of EU data will need to analyze each data transfer for compliance with the new Standard Contractual Clauses; solely relying on data subjects’ consents may not be sufficient. Since the European Court of Justice...more
6/15/2021
/ Corporate Counsel ,
Cybersecurity ,
Data Processors ,
Data Protection ,
EU ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Popular ,
Schrems I & Schrems II ,
Standard Contractual Clauses
Schrems II may force companies obligated to produce EU personal data to the task of determining whether to comply with US discovery obligation rules that risk fines under the GDPR for illegal data transfers or to defy the US...more
8/24/2020
/ Corporate Counsel ,
Court of Justice of the European Union (CJEU) ,
Cybersecurity ,
Data Protection ,
EU ,
EU-US Privacy Shield ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Schrems I & Schrems II ,
Standard Contractual Clauses
Following a legal challenge to the validity of data transfers from organizations in Europe to organizations in countries like the United States, the opinion of the Advocate General (AG) of the Court of Justice of the European...more