This month’s briefing covers President Trump’s executive orders, as well as the EU Commission’s decision not to proceed with the AI Liability Directive. Meanwhile, an advocacy organization’s lawsuit alleges Meta’s ad...more
The UK government has launched a public consultation on proposed measures to combat ransomware — a growing cyber threat with serious economic and security implications — and seeks input from businesses, cybersecurity...more
Background -
The Digital Operational Resilience Act (DORA), a European Union (EU) regulation that is set to transform how financial entities and their information technology (IT) service providers manage operational risks,...more
The UK government has recently announced that it plans to introduce a Cyber Security and Resilience Bill (Bill). The Bill seeks to update the 2018 Network and Information Security Regulations, which implemented the European...more
10/18/2024
/ Cybersecurity ,
EU ,
Financial Institutions ,
Financial Services Industry ,
Legislative Agendas ,
Life Sciences ,
New Legislation ,
New Regulations ,
Pharmaceutical Industry ,
Privacy Laws ,
Regulatory Agenda ,
UK
A week before the EU’s AI Act comes into force on August 1, the White House announced that U.S. agencies have completed all actions required by President Biden’s AI Executive Order to date. Meanwhile, the Republican Party...more
The long-awaited European Union Artificial Intelligence Act (the AI Act) is nearing implementation following its adoption by the European Council yesterday (21 May 2024). This signals the completion of the final major stage...more
Open insurance is a trend gaining traction throughout the global insurance industry. Similar to open banking, it involves the industry moving to a connected data ecosystem powered by open application programming interfaces...more
On 1 April 2024, the UK and US signed a memorandum of understanding on the science of AI safety. This partnership is the first of its kind and will see the two countries work together to assess risks and develop safety tests...more
The long-awaited proposed AI Act, once enacted, will be a comprehensive cross-sectoral regulatory framework for artificial intelligence (AI). Its aim is to regulate the development and use of AI by providing a framework of...more
While the focus of attention in the world of AI has been the EU AI Act: EU AI Act Agreed – Discerning Data in recent weeks, there have also been some other noteworthy legislative developments. On 22 November 2023, the...more
12/18/2023
/ Artificial Intelligence ,
Cybersecurity ,
Data Management ,
EU ,
Intellectual Property Protection ,
New Legislation ,
New Regulations ,
Regulatory Agenda ,
Regulatory Requirements ,
Technology Sector ,
UK
Late on Friday (December 8th), the European Union Commission, Parliament and Council concluded its “trilogue” negotiations for the EU Artificial Intelligence Act. The summary below is based on the information available to...more
On 19 September 2023, the UK Parliament passed the Online Safety Bill (“OSB”). The OSB aims to protect individuals from illegal online content and focuses on the protection of children by requiring the removal of content that...more
10/18/2023
/ Compliance ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Enforcement ,
Extraterritoriality Rules ,
General Data Protection Regulation (GDPR) ,
New Legislation ,
Online Platforms ,
Online Safety for Children ,
Popular ,
Privacy Laws ,
Regulatory Agenda ,
Regulatory Reform ,
Regulatory Requirements ,
Risk Management ,
UK
On 22 May 2023, the Irish Data Protection Commission (DPC) issued Meta Platforms Ireland Limited (Meta Ireland) with a EUR 1.2 billion (approximately 1.3 billion U.S. dollar) fine for breaches of the GDPR with respect to...more
On February 24, 2023, the Cyberspace Administration of China (CAC) released the much-awaited Measures for the Standard Contract for Outbound Transfer of Personal Information (China SCC Measures) together with the issuance of...more
Meta Ireland (Meta) has recently been issued with two fines by the Irish Data Protection Commission (DPC) for breaches of the EU General Data Protection Regulation (GDPR) relating to advertisements run on its Facebook and...more
1/18/2023
/ Advertising ,
Corporate Counsel ,
Cybersecurity ,
Data Controller ,
Data Protection ,
Data Protection Commissioner ,
EU ,
European Data Protection Board (EDPB) ,
Facebook ,
Fines ,
General Data Protection Regulation (GDPR) ,
Instagram ,
Metaverse ,
Privacy Laws
The below is a brief summary of the judgment handed down in Lloyd v Google LLC [2021] UKSC 50 by the Supreme Court on November 10, 2021 as potentially one of the most significant and anticipated data privacy judgments to...more
On September 10, the U.K. government launched a consultation “Data: A New Direction” (Consultation), which proposes significant changes to the U.K.’s data protection framework.
The U.K. government has signalled its...more
Last year’s European Court of Justice (ECJ) judgement in Data Protection Commissioner v Facebook Ireland LTD, Maximillian Schrems, C-311/18 (Schrems II) continues to have ramifications for cross border data transfers. The...more
In early June 2021, the European Commission adopted a new set of Standard Contractual Clauses for organizations to use to ensure compliance with the EU General Data Protection Regulation (GDPR) requirements for transfers of...more
Following on from this week’s big announcement by the European Data Protection Board (EDPB) on its expectations for international data transfers after the European Court of Justice’s July 16 Schrems II decision, the European...more
On November 11, 2020, the European Data Protection Board (EDPB) issued two much-anticipated guidance documents, outlining the approach it expects organizations to take when transferring data out of the EU. Although these...more
On 30 October 2020, the UK’s data privacy regulator, the Information Commissioner’s Office (ICO) issued a final penalty notice (Penalty Notice) to fine the hotel chain Marriott International, Inc. (Marriott) for a GDPR data...more
11/10/2020
/ Corporate Counsel ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
General Data Protection Regulation (GDPR) ,
Information Commissioner's Office (ICO) ,
Marriott ,
Popular ,
UK
At £20 million, the fine imposed on British Airways (BA) for its infringement of the General Data Protection Regulation is the biggest fine of its kind in the history of the U.K.’s Information Commissioner’s Office (ICO)....more
The U.K. government recently launched a consultation process for regulating consumer Internet of Things (IOT) security. This could have significant implications for U.S. manufacturers, given that the U.K. will remain a key...more
On July 16, the highest court in the European Union (EU), the Court of Justice of the European Union (CJEU), issued a landmark judgment in the case of Data Protection Commissioner v Facebook Ireland Limited, Maximillian...more