On September 3, 2025, the General Court of the European Union dismissed Philippe Latombe’s annulment action against the Commission’s adequacy decision for the EU-US Data Privacy Framework (DPF) and confirmed that, at the time...more
The EU Data Act (the Act), entered into force on January 11, 2024 but most of its provisions will apply from September 12, 2025. For any organization that designs, manufactures, or uses connected products, provides related...more
9/5/2025
/ Antitrust Provisions ,
Cloud Computing ,
Cloud Service Providers (CSPs) ,
Competition ,
Data Management ,
Data Protection ,
Data Security ,
Data-Sharing ,
EU ,
Internet of Things ,
New Legislation ,
Regulatory Reform ,
Regulatory Requirements
The European Commission received the final version of the General-Purpose AI (GPAI) Code of Practice on July 10, 2025. The GPAI is a voluntary framework intended to guide how providers of large AI models comply with the...more
7/23/2025
/ Artificial Intelligence ,
Compliance ,
Copyright ,
Enforcement ,
EU ,
General Data Protection Regulation (GDPR) ,
Machine Learning ,
Regulatory Requirements ,
Risk Management ,
Risk Mitigation ,
Transparency
The European Union’s ("EU") NIS2 Directive (Directive (EU) 2022/2555) capitalizes on the success of its predecessor, NIS, the first horizontal minimum harmonization cyber security and resilience frameworks at the EU level....more
Already highly regulated with a risk-based approach at their core, AI-powered medical devices and in vitro diagnostic medical devices face new regulatory constraints stemming from the EU AI Act, a horizontal legal instrument...more
On May 14, 2025, the European Data Protection Board ("EDPB") issued a favorable opinion on granting a six-month extension to the existing adequacy decisions for the UK, following a formal proposal from the European...more
6/9/2025
/ Corporate Counsel ,
Data Protection ,
Data Transfers ,
EU ,
European Commission ,
European Data Protection Board (EDPB) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Proposed Legislation ,
UK ,
UK GDPR
In response to a record year of personal data breaches in 2024, affecting millions of individuals, the French data protection authority (CNIL) has published a set of security directives for operators of large databases. While...more
Introduction: The Global Race Towards AI Governance Takes Different Paths-
As artificial intelligence (AI) continues to transform global markets, the European Union and the United States are advancing regulatory...more
5/21/2025
/ AI Act ,
Artificial Intelligence ,
Compliance ,
Disclosure Requirements ,
Enforcement ,
EU ,
Government Agencies ,
International Trade ,
Liability ,
Penalties ,
Proposed Legislation ,
Regulatory Requirements ,
Risk Management ,
Transparency
In response to a record year of personal data breaches in 2024, affecting millions of individuals, the French data protection authority (CNIL) has published a set of security directives for operators of large databases. While...more