On January 16, 2025, the Federal Trade Commission (FTC) finalized amendments to the Children’s Online Privacy Protection Act (COPPA) Rule (Final Rule) relating to the collection, use and disclosure of personal information...more
1/30/2025
/ Consent ,
Consumer Privacy Rights ,
COPPA ,
Data Privacy ,
Data Retention ,
Data Security ,
Disclosure Requirements ,
Federal Trade Commission (FTC) ,
Final Rules ,
Online Safety for Children ,
Personal Information ,
Privacy Laws ,
Regulatory Requirements
Cyber threats continue to grow as a result of increased digitization, widespread use of cloud computing, advanced connectivity and artificial intelligence (AI), requiring boards of directors across all sectors to focus more...more
11/22/2024
/ Artificial Intelligence ,
Board of Directors ,
Corporate Governance ,
Crisis Management ,
Cyber Attacks ,
Cybersecurity ,
Cybersecurity Framework ,
Data Privacy ,
Machine Learning ,
Privacy Laws ,
Publicly-Traded Companies ,
Regulatory Oversight ,
Regulatory Requirements ,
Risk Management ,
Securities and Exchange Commission (SEC) ,
Securities Litigation ,
Third-Party
In this edition of Insights, we take a closer look at the megadeals and sponsor transactions driving recent M&A activity, the importance of staying ahead of the risks in AI development and deployment, and other diverse...more
9/30/2024
/ Acquisitions ,
Administrative Procedure Act ,
Artificial Intelligence ,
Chevron Deference ,
Corner Post Inc v Board of Governors of the Federal Reserve System ,
Corporate Governance ,
Delaware General Corporation Law ,
Federal Bans ,
Federal Trade Commission (FTC) ,
Final Rules ,
Government Agencies ,
Judicial Authority ,
Loper Bright Enterprises v Raimondo ,
Machine Learning ,
Mergers ,
Non-Compete Agreements ,
Privacy Laws ,
Regulatory Agenda ,
Regulatory Authority ,
Regulatory Requirements ,
SCOTUS ,
SEC v Jarkesy ,
Securities and Exchange Commission (SEC) ,
Shareholder Litigation ,
Shareholders ,
Technology Sector
As AI systems become more complex, companies are increasingly exposed to reputational, financial and legal risks from developing and deploying AI systems that do not function as intended or that yield problematic outcomes....more
9/30/2024
/ Artificial Intelligence ,
Corporate Governance ,
Cybersecurity ,
Data Privacy ,
NIST ,
Popular ,
Privacy Laws ,
Regulatory Agenda ,
Regulatory Requirements ,
Risk Management ,
Technology Sector ,
U.S. Commerce Department
As AI systems become more complex, companies are increasingly exposed to reputational, financial and legal risk from developing and deploying AI systems that do not function as intended or that yield problematic outcomes. The...more
9/4/2024
/ Artificial Intelligence ,
Corporate Governance ,
Cybersecurity ,
Data Privacy ,
EU ,
Machine Learning ,
Privacy Laws ,
Regulatory Agenda ,
Regulatory Requirements ,
Risk Assessment ,
Risk Management ,
Technology Sector ,
UK
In Nuctech Warsaw (T-284/24), the EU Court of Justice held that EU subsidiaries can lawfully be required to provide access to email accounts and data held by their overseas parent company. The ruling involved the following...more
8/26/2024
/ Appeals ,
Commercial Litigation ,
Corporate Counsel ,
Corporate Governance ,
Enforcement Actions ,
EU ,
European Commission ,
European Court of Justice (ECJ) ,
Extraterritoriality Rules ,
Foreign Corporations ,
Popular ,
Privacy Laws ,
UK ,
White Collar Crimes
Two recent settlements under the False Claims Act (FCA):
- Signal enhanced risk around cybersecurity for recipients of federal funds.
- Underscore the need to assess compliance with cybersecurity requirements and...more
The newly approved Artificial Intelligence Act (AI Act or the Act) aims to create a secure and trustworthy environment for the development and use of AI in the European Union....more
6/27/2024
/ Artificial Intelligence ,
Compliance ,
Consumer Financial Products ,
Consumer Protection Laws ,
Cybersecurity ,
Data Privacy ,
EU ,
FinTech ,
General Data Protection Regulation (GDPR) ,
Intellectual Property Protection ,
Privacy Laws ,
Technology Sector
Both the EU and Germany are taking significant steps to accelerate digitalization in the health sector and facilitate the exchange and use of health data for research and innovation purposes.
They aim to improve...more
4/4/2024
/ Analytics ,
Artificial Intelligence ,
Cybersecurity ,
Data Protection ,
Data-Sharing ,
Digital Health ,
EU ,
Germany ,
Healthcare ,
Life Sciences ,
Machine Learning ,
Pharmaceutical Industry ,
Popular ,
Privacy Laws ,
Research and Development
A proposed settlement action filed on December 19, 2023, by the Federal Trade Commission (FTC) against Rite Aid Corp. highlights some of the key issues presented when companies use artificial intelligence (AI) for facial...more
1/8/2024
/ Algorithms ,
Artificial Intelligence ,
Commercial Litigation ,
Customer Privacy ,
Customers ,
Facial Recognition Technology ,
Federal Trade Commission (FTC) ,
Privacy Laws ,
Rite Aid ,
Settlement Proposals ,
Technology Sector
A recent draft of the EU Agency for Cybersecurity’s (ENISA’s) European Union Cybersecurity Certification Scheme on Cloud Services (EUCS) reveals what requirements are currently being considered (and what requirements have...more
On 16 October 2023, France’s Data Protection Authority, the National Commission on Informatics and Liberty (CNIL), issued a set of guidelines for complying with the EU General Data Protection Regulation (GDPR) when...more
11/22/2023
/ Artificial Intelligence ,
CNIL ,
Data Protection ,
Data Storage ,
EU ,
General Data Protection Regulation (GDPR) ,
New Guidance ,
Personal Data ,
Privacy Laws ,
Regulatory Agenda ,
Regulatory Reform ,
Technology ,
UK
On September 28, 2023, the Cyberspace Administration of China (CAC) published the draft Provisions on Regulating and Promoting Cross-Border Data Transfers (Draft Provisions). If adopted into law in their current form, the...more
In this month’s Privacy & Cybersecurity Update, we examine Delaware’s new comprehensive data privacy law, a joint statement by 12 data protection authorities on data scraping and data protection, a district court ruling on a...more
10/3/2023
/ California Privacy Protection Agency (CPPA) ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Popular ,
Privacy Laws ,
Risk Assessment ,
Risk Management ,
State and Local Government ,
State Data Privacy Laws ,
State Privacy Laws ,
Web Scraping
In this month’s Privacy & Cybersecurity Update, we analyze the Biden administration’s proposed cybersecurity labeling program for smart devices, NIST’s extensive overhaul of its cybersecurity framework, and data privacy law...more
9/6/2023
/ Biden Administration ,
California ,
California Privacy Rights Act (CPRA) ,
Colorado ,
Compliance ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Labeling ,
NIST ,
Popular ,
Privacy Laws ,
Smart Devices ,
State Privacy Laws
In this month’s Privacy & Cybersecurity Update, we examine the newly established data privacy framework between the EU and U.S. and new consumer privacy laws in Oregon and Texas. We also review a court ruling that delayed...more
8/2/2023
/ Biometric Information Privacy Act ,
California ,
California Privacy Rights Act (CPRA) ,
Cyber Incident Reporting ,
Cybersecurity ,
Cybersecurity Framework ,
Data Privacy ,
Data Transfers ,
Disclosure ,
EU ,
European Commission ,
European Economic Area (EEA) ,
General Data Protection Regulation (GDPR) ,
NYDFS ,
Oregon ,
Popular ,
Privacy Laws ,
Proposed Amendments ,
Regulatory Requirements ,
Risk Management ,
Texas