The act of predicting what will become the dominating storyline of data privacy and cybersecurity in 2025 is a hazardous enterprise, as one is almost surely to get something wrong. Without fail, every year, regulators and the...more
1/6/2025
/ Artificial Intelligence ,
Corporate Counsel ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Digital Operational Resilience Act (DORA) ,
Enforcement Actions ,
EU ,
Machine Learning ,
PCI-DSS Standard ,
Privacy Laws ,
Regulatory Agenda ,
Regulatory Requirements ,
Risk Management ,
State Privacy Laws ,
Technology Sector ,
Web Tracking ,
Websites
WHAT HAPPENED: On June 27, 2024, the European Commission published for feedback a draft implementing act (draft implementing act) under the Network and Information Security 2 Directive (NIS2). It specifies cybersecurity...more
DOJ DOUBLES DOWN ON CORPORATE ENFORCEMENT WITH NEW WHISTLEBLOWER PROGRAM -
During the 2024 American Bar Association National Institute on White Collar Crime (the 2024 White Collar Conference) earlier in March US Attorney...more
5/9/2024
/ Artificial Intelligence ,
Automotive Industry ,
Corporate Governance ,
Corporate Misconduct ,
Department of Justice (DOJ) ,
EU ,
Intellectual Property Litigation ,
Intellectual Property Protection ,
Labor Regulations ,
Payment Systems ,
PCI-DSS Standard ,
Pilot Programs ,
Regulatory Agenda ,
Unified Patent Court ,
Unions ,
Whistleblower Protection Policies ,
Whistleblowers ,
White Collar Crimes
In a groundbreaking move, the European Union has launched its bid to set the new comprehensive standard for the regulation of artificial intelligence (AI) with the European Parliament passing the EU AI Act on March 13, 2024....more
In the rapidly evolving digital landscape, the European Union’s Data Act (Data Act), adopted on November 27, 2023 marks a significant shift in data, privacy, and intellectual property regulation.
The Data Act applies to...more
Article 5(3) of the EU ePrivacy Directive (ePD) requires consent for tracking cookies (unless exceptions apply). Although this rule is best known as the reason behind ‘cookie’ banners, it is technology neutral and applies to...more
1/18/2024
/ Consent ,
Cookies ,
Draft Guidance ,
EU ,
European Data Protection Board (EDPB) ,
Internet of Things ,
Privacy Laws ,
Regulatory Agenda ,
Regulatory Requirements ,
Technology Sector ,
Web Tracking
On July 4, 2023, the Court of Justice of the European Union (CJEU) issued a ruling in the case involving Meta Platforms Inc., Meta Platforms Ireland, and Facebook Deutschland (Meta). The judgement explores the intersection of...more
7/12/2023
/ Competition ,
Corporate Counsel ,
Court of Justice of the European Union (CJEU) ,
Digital Marketplace ,
EU ,
European Court of Justice (ECJ) ,
Facebook ,
General Data Protection Regulation (GDPR) ,
Legislative Agendas ,
Metaverse ,
National Competent Authorities (NCA) ,
New Legislation ,
New Regulations ,
Online Platforms ,
Privacy Laws ,
Social Networks
At the end of June, the European Data Protection Board (EDPB) published its Recommendations (Recs) on Binding Corporate Rules (BCRs). Among other things, the Recs require existing and in process BCRs to:
- Incorporate...more
7/7/2023
/ Audits ,
BCRs ,
Data Privacy ,
Data Protection ,
EU ,
European Court of Justice (ECJ) ,
European Data Protection Board (EDPB) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Privacy Laws ,
Regulatory Requirements ,
Schrems I & Schrems II
Join McDermott’s Global Privacy & Cybersecurity team for a webinar series that delves into the most significant policy initiatives shaping the digital landscape in Europe: the respective EU and UK Digital Strategies. They...more
In a recent non-binding opinion, EU regulators expressed timid positivity about the European Commission’s draft adequacy decision on the EU-US transatlantic data flows framework (Data Privacy Framework or DPF). While some...more
2022 was yet another eventful year in terms of GDPR compliance. The continued evolution of the enforcement landscape, with increasing number of sanctions and individuals exercising their rights required time and attention...more
1/30/2023
/ Corporate Counsel ,
Data Protection ,
Data Security ,
Enforcement Actions ,
EU ,
EU-US Privacy Shield ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Privacy Laws ,
Risk Assessment ,
Sanctions ,
UK
The European Data Protection Board (EDPB) adopted a draft report of the work undertaken by the Cookie Banner Taskforce (the Report). The Report describes how regulators apply cookie legislation in handling certain types of...more
1/23/2023
/ CNIL ,
Cookie Banners ,
Cookies ,
Corporate Counsel ,
Data Collection ,
Enforcement Actions ,
EU ,
European Data Protection Board (EDPB) ,
European Economic Area (EEA) ,
General Data Protection Regulation (GDPR) ,
Information Commissioner's Office (ICO) ,
UK
As global businesses evolve and become more digitally driven, companies around the world must focus on their data privacy strategy. In 2022, both US and EU based companies have seen an increase in GDPR enforcement actions and...more
Since Schrems II invalidated the US/EU Privacy Shield, the flow of personal data from the European Union to the United States has been subject to intense regulatory scrutiny. Companies transferring personal data to the United...more
We are delighted to welcome you to our next webinar “Get Ready to Go Back to School: What You Might Have Missed this Summer in Data Privacy” which will cover the following topics:
- The Digital Services Act, Digital...more
9/23/2022
/ Artificial Intelligence ,
Binding Corporate Rules ,
Data Privacy ,
Data-Sharing ,
Digital Service Providers ,
Electronic Protected Health Information (ePHI) ,
EU ,
European Commission ,
Information Governance ,
International Data Transfers ,
Online Platforms ,
Privacy Laws ,
Proposed Legislation ,
Proposed Regulation ,
Sanctions ,
Standard Contractual Clauses ,
Webinars