EU AI Act: Political Agreement Reached on Terms of Landmark Legislation -
Negotiators for the European Council and the European Parliament have reached political agreement on the provisions of the EU Artificial...more
12/15/2023
/ Artificial Intelligence ,
California Privacy Protection Agency (CPPA) ,
Compliance ,
Cookies ,
Court of Justice of the European Union (CJEU) ,
EU ,
Federal Trade Commission (FTC) ,
Fines ,
General Data Protection Regulation (GDPR) ,
Neglect ,
New Legislation ,
UK
Clearview AI was issued with an enforcement action including a fine of around £7.5million and an order to delete certain data by the ICO for breaches of the UK GDPR in relation to its facial recognition data. The Tribunal...more
NSA and CISA Release Report on “Top Ten” Cybersecurity Misconfigurations; CISA Calls for Software Manufacturers to Implement Best Practices -
On October 5, 2023, the United States National Security Agency (NSA) and...more
10/20/2023
/ Artificial Intelligence ,
Cybersecurity ,
Data Breach ,
Data Transfers ,
European Data Protection Board (EDPB) ,
Federal Trade Commission (FTC) ,
Fines ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Investigations ,
Law Enforcement ,
Manufacturers ,
National Security Agency (NSA) ,
Personal Data ,
Popular ,
Settlement ,
Software ,
UK ICO
The UK has approved the UK-U.S. Data Bridge facilitating flows of personal data to U.S. entities that have self-certified to the EU-U.S. Data Privacy Framework (‘DPF’), provided that those entities extend their DPF...more
9/25/2023
/ Compliance ,
EU-US Privacy Shield ,
European Commission ,
European Court of Justice (ECJ) ,
Information Commissioner's Office (ICO) ,
International Data Transfers ,
Personal Data ,
Privacy Framework ,
Safe Harbors ,
Schrems I & Schrems II ,
UK ,
UK GDPR
FTC Finalizes Settlement with 1Health.io For Allegations It Failed to Protect Customers’ DNA Data -
On September 6, 2023, the Federal Trade Commission’s agreement with the genetic testing firm 1Health.io Inc. – formerly...more
9/25/2023
/ Background Checks ,
California ,
California Consumer Privacy Act (CCPA) ,
Consent Agreements ,
Consumer Reporting Agencies ,
Data Brokers ,
Data Collection ,
Data Security ,
Data-Sharing ,
Fair Credit Reporting Act (FCRA) ,
Federal Trade Commission (FTC) ,
FTC Act ,
Gramm-Leach-Blilely Act ,
Information Commissioner's Office (ICO) ,
Law Enforcement ,
New Legislation ,
Personal Data ,
Personal Information ,
Privacy Policy ,
Settlement ,
UK ,
UK GDPR
WorldCoin is a cryptocurrency project which uses iris scanning technology to issue a “World ID” as a digital identifier. Privacy concerns over WorldCoin have been voiced by several data protection authorities worldwide....more
8/23/2023
/ Artificial Intelligence ,
Biometric Information ,
CNIL ,
Cryptocurrency ,
Data Protection ,
Data Protection Impact Assessments (DPIAs) ,
Data Security ,
Data Storage ,
EU ,
General Data Protection Regulation (GDPR) ,
HMRC ,
Information Commissioner's Office (ICO) ,
Popular ,
UK
SEC Finalizes Cybersecurity Disclosure Rules for Public Companies -
On July 26, 2023, the Securities and Exchange Commission (“SEC”) voted to adopt new rules requiring public companies to make certain disclosures...more
8/4/2023
/ California Privacy Protection Agency (CPPA) ,
California Privacy Rights Act (CPRA) ,
Cybersecurity ,
Department of Health and Human Services (HHS) ,
Disclosure Requirements ,
Enforcement ,
Federal Trade Commission (FTC) ,
Final Rules ,
Foreign Private Issuers ,
Form 8-K ,
Hospitals ,
Investment Company Act of 1940 ,
Mobile Apps ,
Securities and Exchange Commission (SEC) ,
Telehealth ,
Tracking Systems ,
Websites
In 2020, the UK Government asked the Law Commission to review the legal status of digital assets in England and Wales, with the aim of making the UK an attractive jurisdiction for crypto development and investment. The Law...more
California Court Pauses Enforcement of Most Recent CCPA Regulations until March 2024 -
On June 30, 2023, the Superior Court of California, County of Sacramento (California Chamber Of Commerce v. California Privacy...more
7/21/2023
/ Biden Administration ,
California ,
California Consumer Privacy Act (CCPA) ,
Cross-Border ,
Cybersecurity ,
Data Privacy ,
Enforcement ,
EU ,
European Commission ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
NYDFS ,
Presidential Nominations ,
Privacy Framework ,
Proposed Regulation ,
Regulatory Agenda
The Department of Health and Social Care in the United Kingdom has published a proposed update to its policy regarding access to National Health Service (NHS) data for research purposes. The proposed update focuses on the...more
The International Institute for the Unification of Private Law (UNIDROIT) has adopted draft Principles on Digital Assets and Private Law (the “Principles”). These Principles comprise legislative guidance and best practices in...more
The EU General Court has overruled the European Data Protection Supervisor and held that pseudonymised data will not be personal data for the purposes of EU data protection law when transferred to a recipient that is unable...more
Biden Administration to Introduce New National Cyber Strategy for Critical Infrastructure -
The Biden administration is reportedly working on a National Cyber Strategy for critical infrastructure that will advocate a more...more
1/20/2023
/ Biden Administration ,
Chemicals ,
Class Action ,
Critical Infrastructure Sectors ,
Cybersecurity ,
Data Collection ,
Data Security ,
Energy Sector ,
Facial Recognition Technology ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Information Technology ,
National Security ,
NIST ,
Oil & Gas ,
OMB ,
Pipelines ,
Proposed Legislation ,
Public Safety ,
Railways ,
Settlement ,
TSA ,
Water
The High Court has granted the victim of a cyberattack a permanent injunction against cyberattackers without the victim organisation having to reveal its identity. Generally, a claimant's identity is public in court...more
SEC Chair Gensler Indicates Commission is Looking to Update SEC’s Regulation S-P -
On September 28, 2022, Securities and Exchange Commission (“SEC” or the “Commission”) Chairman Gary Gensler appeared via video at the...more
10/14/2022
/ Advanced Notice of Proposed Rulemaking (ANPRM) ,
Algorithms ,
Anti-Discrimination Policies ,
Artificial Intelligence ,
Biden Administration ,
Broker-Dealer ,
Cloud Service Providers (CSPs) ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
EU ,
EU-US Privacy Shield ,
Federal Trade Commission (FTC) ,
Foreign Trade Regulations ,
Gramm-Leach-Blilely Act ,
Hackers ,
Information Commissioner's Office (ICO) ,
International Data Transfers ,
Investment Adviser ,
Investment Companies ,
Privacy Framework ,
Regulation S-P ,
Request For Information ,
Right of Access ,
Securities and Exchange Commission (SEC) ,
Subject Access Request (SAR) ,
Title V ,
U.S. Commerce Department ,
Uber ,
UK ,
UK GDPR
The Dubai International Financial Centre’s ("DIFC") data protection authority has published its proposals for updated tools and guidance on international data transfers. A consultation on these proposals by the DIFC...more
5/5/2022
/ Cybersecurity ,
Data Protection ,
Data Protection Authority ,
Data Security ,
Dubai ,
International Data Transfers ,
Personally Identifiable Information ,
Popular ,
Regulatory Agenda ,
Regulatory Reform ,
Standard Contractual Clauses ,
United Arab Emirates (UAE)
FTC Chair Lina Khan Questions Current Data Collection Practices by Private Industry at IAPP Global Privacy Summit, Suggests New Rulemaking May Be Necessary -
In her first major privacy address since taking the helm of the...more
4/29/2022
/ Administrative Appointments ,
Artificial Intelligence ,
Court of Justice of the European Union (CJEU) ,
Criminal Investigations ,
Critical Infrastructure Sectors ,
Data Breach ,
Data Collection ,
Data Protection ,
Federal Trade Commission (FTC) ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Location Data ,
Monetization ,
Personally Identifiable Information ,
Popular ,
U.S. Commerce Department ,
US Department of State
The UK Court of Appeal has issued its judgment in one of the latest hearings in Neurim Pharmaceuticals v Generics (UK) relating to Neurim’s insomnia drug, Circadin. The Court of Appeal ruled that an exclusive licensee has...more
4/13/2022
/ Appeals ,
Corporate Counsel ,
Exclusivity ,
Intellectual Property Protection ,
IP License ,
Patent Infringement ,
Patent Litigation ,
Patents ,
Pharmaceutical Industry ,
Pharmaceutical Patents ,
Standing ,
UK
SEC Proposes New Cybersecurity Rules for Public Companies -
On March 9, 2022, the Securities and Exchange Commission (“SEC”) announced proposed amendments to its rules on cybersecurity. The proposed rules aim to “enhance and...more
3/25/2022
/ Cookie Banners ,
COPPA ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Disclosure Requirements ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
Mobile Apps ,
Popular ,
Privacy Concerns ,
Publicly-Traded Companies ,
Regulatory Agenda ,
Regulatory Reform ,
Regulatory Violations ,
Securities and Exchange Commission (SEC)
SEC Proposes and Seeks Comments on New Cybersecurity Rules -
At an open meeting on February 9, 2022, the Securities and Exchange Commission (“SEC”) voted three-to-one to propose new and amended rules regarding cybersecurity...more
2/25/2022
/ Asset Management ,
Cybersecurity ,
Data Collection ,
Disclosure Requirements ,
EDPS ,
International Data Transfers ,
Personal Data ,
Policies and Procedures ,
Popular ,
Registered Investment Advisors ,
Registered Investment Companies (RICs) ,
Risk Management ,
Securities and Exchange Commission (SEC) ,
Spyware
A recent UK Court of Appeal decision highlights ongoing uncertainty regarding the jurisdictional reach of the GDPR and invites intervention from the Information Commissioner’s Office. ...more
1/25/2022
/ Corporate Counsel ,
Cybersecurity ,
Data Protection ,
EU ,
EU Data Protection Laws ,
Extraterritoriality Rules ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Jurisdiction ,
Personal Data ,
UK
Patent offices and courts around the world have recently been grappling with the question of whether an AI system can be the inventor of a patent. This has been prompted by Dr. Stephen Thaler’s applications to designate his...more
1/20/2022
/ Artificial Intelligence ,
Computer-Related Inventions ,
EU ,
European Patent Office ,
Information Technology ,
Intellectual Property Protection ,
Inventions ,
Inventors ,
Patent Applications ,
Patent Invalidity ,
Patent-Eligible Subject Matter ,
R&D ,
Research and Development
We are delighted by the positive feedback we have received on our first two issues of Dechert Cyber Bits. Thank you for taking the time to send us your comments. In this issue of Cyber Bits, we discuss key developments from...more
11/19/2021
/ Class Action ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Enforcement Priorities ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Popular ,
Ransomware ,
Vulnerability Assessments
The value of the global medicinal cannabis market is projected to reach US$62.7 billion by 2024, with over US$22 billion of that market generated by Europe and an estimated excess of £2 billion likely to be generated in the...more
6/29/2021
/ Cannabis-Related Businesses (CRBs) ,
Financial Conduct Authority (FCA) ,
Investment ,
Investment Funds ,
Investors ,
London Stock Exchange ,
Marijuana ,
Marijuana Related Businesses ,
Medical Marijuana ,
Popular ,
UK
The European Commission has issued new Standard Contractual Clauses designed to facilitate international transfers of personal data in compliance with the GDPR. The new provisions better reflect the variety of global data...more