Exactly one year from now, on September 12, 2025, the EU Data Act will enter into application. This new regulation provides harmonized rules on data access, switching cloud providers, and interoperability requirements across...more
9/13/2024
/ Compliance ,
Compliance Dates ,
Data Processors ,
Data Protection ,
Data Security ,
Data Subject Access Requests ,
Enforcement ,
EU ,
EU Data Protection Laws ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
International Harmonization
In this blog post, we will focus on obligations that the European Union’s Artificial Intelligence Act (AI Act) sets for deployers, providers, importers and distributors regarding high-risk AI systems....more
8/27/2024
/ Artificial Intelligence ,
Compliance ,
Cooperation ,
Digital Service Providers ,
Distributors ,
EU ,
Importers ,
Machine Learning ,
New Legislation ,
Reporting Requirements ,
Risk Assessment ,
Risk Management ,
Risk-Based Approaches ,
Supply Chain ,
Third-Party Service Provider ,
Transparency
In this blog post, we will focus on the identification of “high-risk AI systems” under the Artificial Intelligence Act (“AI Act”) and the requirements applying to such systems. As explained in our previous blog posts, the AI...more
The EU Artificial Intelligence (AI) Act was published in the Official Journal of the European Union on July 12, 2024, as “Regulation (EU) 2024/1689 of the European Parliament and of the Council of 13 June 2024 laying down...more
This blog post focuses on the transparency requirements associated with certain limited-risk artificial intelligence (AI) systems under Article 50 of the European Union’s AI Act....more
This blog post focuses on Artificial Intelligence (AI) practices prohibited under the EU AI Act. Article 5 of the AI Act essentially prohibits AI practices that materially distort peoples’ behavior or that raise serious...more
On March 13, 2024, the European Parliament adopted the Artificial Intelligence Act (AI Act). It is considered to be the world’s first comprehensive horizontal legal framework for AI. It provides for EU-wide rules on data...more
3/15/2024
/ Artificial Intelligence ,
EU ,
European Commission ,
European Parliament ,
Extraterritoriality Rules ,
General Data Protection Regulation (GDPR) ,
Machine Learning ,
Member State ,
New Legislation ,
OECD ,
Risk Assessment ,
Technology Sector
On 22 December 2023, the EU published Regulation (EU) 2023/2854, the Data Act, in the Official Journal of the EU. The Data Act is a new regulation providing harmonised rules on access to data, switching cloud providers and...more
1/25/2024
/ B2B Organizations ,
Cloud Computing ,
Connected Items ,
Data Controller ,
Data Protection ,
Data Subject Access Requests ,
Digital Single Market ,
EU ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
International Harmonization ,
New Regulations ,
Personal Data ,
Small and Medium-Sized Enterprises (SMEs) ,
Technology Sector ,
Third-Party
On November 27, 2023, the Council of the European Union adopted the EU Data Act, a new regulation providing harmonized rules on access to data, switching cloud providers, and interoperability requirements across the EU. The...more
On December 8, representatives from the European Commission, the European Parliament, and the Council of the European Union (EU) reached political agreement on the shape and contents of the EU’s AI Act (the “Act”), setting...more
On November 27, 2023, the Council of the European Union adopted the EU Data Act, a new regulation providing harmonized rules on access to data, switching cloud providers and interoperability requirements across the EU. The...more
On November 27, 2023, the Council of the European Union adopted the EU Data Act (Data Act), a new regulation providing harmonized rules on access to data, switching cloud providers and interoperability requirements across the...more
On November 9, 2023, the European Parliament adopted the EU Data Act, a new regulation providing harmonized rules on access to data, switching cloud providers and interoperability requirements across the EU. It is widely...more
11/16/2023
/ Cloud Service Providers (CSPs) ,
Connected Entities ,
Corporate Counsel ,
Data-Sharing ,
Digital Single Market ,
EU ,
EU Data Protection Laws ,
European Commission ,
European Parliament ,
General Data Protection Regulation (GDPR) ,
Member State ,
New Legislation ,
Personal Data ,
Transparency
On July 10, 2023, the European Commission adopted an adequacy decision for the new EU-U.S. Data Privacy Framework (“EU-U.S. DPF”), the successor to the EU-U.S. Privacy Shield, which the Court of Justice of the European Union...more
7/19/2023
/ Certification Requirements ,
Compliance ,
Compliance Monitoring ,
Department of Transportation (DOT) ,
EU ,
European Commission ,
Federal Trade Commission (FTC) ,
Framework Agreement ,
International Data Transfers ,
Privacy Framework ,
UK
On July 10, 2023, the European Commission adopted its long-awaited adequacy decision for the EU-U.S. Data Privacy Framework (“Adequacy Decision”). This ends a three-year journey to set up a successor to the EU-U.S. Privacy...more
7/12/2023
/ Adequacy Requirement ,
Court of Justice of the European Union (CJEU) ,
Department of Justice (DOJ) ,
EU ,
EU-US Privacy Shield ,
European Commission ,
Executive Orders ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Iceland ,
International Data Transfers ,
Liechtenstein ,
Member State ,
Norway ,
Personal Data ,
U.S. Commerce Department
On June 14, 2023, the European Parliament adopted its negotiating position regarding the proposal of the European Commission for a regulation laying down harmonized rules on artificial intelligence. This is the most recent...more
6/16/2023
/ Artificial Intelligence ,
Contract Negotiations ,
Distributors ,
EU ,
European Commission ,
European Parliament ,
Importers ,
International Harmonization ,
Machine Learning ,
Proposed Legislation ,
Risk Assessment ,
Risk-Based Approaches
On March 31, 2023, Italy’s privacy regulator (the “Garante”), announced an immediate temporary limitation on the processing of data of individuals residing in Italy by OpenAI’s ChatGPT, the popular artificial intelligence...more
4/4/2023
/ Artificial Intelligence ,
Corporate Counsel ,
Data Processors ,
Enforcement Actions ,
EU ,
Federal Trade Commission (FTC) ,
Italy ,
Machine Learning ,
Personal Data ,
Privacy Laws ,
Regulatory Authority
On December 13, 2022, the European Commission initiated the process to adopt an adequacy decision for the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”). The draft adequacy decision follows President Biden’s October Executive...more
On October 7, 2022, President Biden signed an Executive Order (“EO”) implementing the new trans-Atlantic EU-U.S. Data Privacy Framework (“EU-U.S. DPF”). The EU-U.S. DPF, previously announced by President Biden and the...more
10/10/2022
/ Biden Administration ,
Binding Corporate Rules ,
Civil Liberties ,
Court of Justice of the European Union (CJEU) ,
Data Privacy ,
EU ,
EU-US Privacy Shield ,
Executive Orders ,
Foreign Intellgence ,
International Data Transfers ,
National Intelligence Agencies ,
Personal Data ,
Schrems I & Schrems II ,
Standard Contractual Clauses ,
Surveillance ,
UK
On May 16, 2022, the European Data Protection Board (EDPB), the independent body of data protection supervisors that promotes consistent data protection rules and application thereof throughout the European Union (EU),...more
5/31/2022
/ Artificial Intelligence ,
Biometric Information ,
Corporate Counsel ,
Corporate Fines ,
Data Protection Authority ,
Enforcement Actions ,
EU ,
European Data Protection Board (EDPB) ,
Facial Recognition Technology ,
General Data Protection Regulation (GDPR) ,
Law Enforcement ,
New Guidance ,
Personal Data ,
Right to Privacy
On May 3, 2022, the European Commission published a proposal for a Regulation on the European Health Data Space (EHDS) (“EHDS Regulation”, or “Proposal”). With the Proposal, the European Commission aims to make significant...more
5/26/2022
/ Digital Health ,
Electronic Health Record Incentives ,
Electronic Protected Health Information (ePHI) ,
EU ,
European Commission ,
General Data Protection Regulation (GDPR) ,
Life Sciences ,
Member State ,
Patient Privacy Rights ,
Popular ,
Proposed Regulation
On March 25, 2022, US President Joe Biden and European Commission President Ursula von der Leyen made the long-awaited announcement that the United States and the European Union have agreed, in principle, to the...more
The European Commission has presented its draft Data Act, which will affect a broad range of companies and heavily emphasizes data accessibility and fairness. Companies should begin to evaluate their current practices and...more
French regulators have held that the use of Google Analytics violates the GDPR, a decision that likely has broad implications for web analytics companies and website operators.
On February 10, 2022, the French Data...more
2/16/2022
/ Analytics ,
CNIL ,
Corporate Counsel ,
Data Protection Authority ,
Facebook ,
FISA ,
France ,
General Data Protection Regulation (GDPR) ,
Google ,
International Data Transfers ,
Schrems I & Schrems II
Businesses that transfer personal data to and from the United Kingdom will soon have clarity regarding transfers from the UK to recipients outside the EU/EEA.
On February 2, 2022, the United Kingdom Secretary of State...more