The event included speakers from assurance providers Yoti, and VerifyMy, digital platform providers such as Google, TikTok, the BBC and Epic Games, age-appropriate design platform K-ID, data protection regulators from the UK...more
Given the rapid speed of development in the field of AI, it is increasingly important that businesses develop effective governance to address the regulatory framework governing the development, training, use and deployment of...more
2/20/2025
/ Artificial Intelligence ,
Compliance ,
Data Privacy ,
Data Protection ,
EU ,
General Data Protection Regulation (GDPR) ,
Regulation ,
Regulatory Agenda ,
Regulatory Requirements ,
Risk Management ,
Technology Sector
The European Union Artificial Intelligence Act (AI Act) entered into force on 1 August 2024. The AI Act establishes a risk-based approach to AI, prohibiting certain practices that are deemed unacceptable, such as social...more
2/6/2025
/ Artificial Intelligence ,
Compliance ,
Data Protection ,
Enforcement Actions ,
EU ,
European Commission ,
Healthcare ,
Regulation ,
Regulatory Requirements ,
Risk Management ,
Technology Sector
Companies deploying high-risk artificial intelligence (AI) systems must prepare to conduct Fundamental Rights Impact Assessment (FRIA) by 2 August 2026. In this edition of our “Zooming in on AI” series we explain what this...more
As the EU presses ahead with its implementation of the AI Act, the UK continues to develop its evolutionary approach to AI policy and regulation. As the new Labour Government starts to implement its perspective and ahead of a...more
11/22/2024
/ Artificial Intelligence ,
Corporate Governance ,
Cybersecurity ,
Data Protection ,
Digital Data ,
EU ,
Human Rights ,
International Treaties ,
Legislative Agendas ,
Personal Data ,
Popular ,
Privacy Laws ,
Proposed Legislation ,
Regulatory Agenda ,
Regulatory Reform ,
Technology Sector ,
UK ,
UK GDPR
Companies deploying high-risk artificial intelligence (AI) systems must prepare to navigate a complex landscape of new obligations by August 2, 2026. In this post we explain the key obligations for providers and deployers of...more
10/30/2024
/ Artificial Intelligence ,
Automated Systems ,
Data Protection ,
Distributors ,
EU ,
EU Data Protection Laws ,
General Data Protection Regulation (GDPR) ,
Importers ,
Regulatory Agenda ,
Regulatory Oversight ,
Regulatory Requirements ,
Reporting Requirements ,
Risk Management ,
Technology Sector ,
Transparency
On Wednesday, the UK Government published its new Data (Use and Access) Bill with a promise that it will ‘harness the enormous power of data to boost the UK economy by GBP10 billion’ and ‘unlock the secure and effective use...more
AI-driven technology has emerged as a cornerstone of our present and future daily lives, revolutionising the way transactions and interactions are organised.
With the increased use of AI systems, there is also an...more
10/22/2024
/ Artificial Intelligence ,
Corporate Governance ,
Data Protection ,
EU ,
Machine Learning ,
Privacy Laws ,
Regulatory Agenda ,
Regulatory Requirements ,
Risk Management ,
Stakeholder Engagement ,
Technology Sector
This series of blogs rounds up some of the key data protection regulatory trends we have seen during 2024, focused on the EU and UK.
2024 has seen behavioural advertising and cookies continue to dominate the agenda of...more
10/21/2024
/ Artificial Intelligence ,
Biometric Information ,
Data Protection ,
Data Protection Authority ,
EU ,
EU-US Privacy Shield ,
European Data Protection Board (EDPB) ,
General Data Protection Regulation (GDPR) ,
Initial Coin Offering (ICOs) ,
International Data Transfers ,
Personal Data ,
Privacy Laws ,
Regulatory Agenda ,
Regulatory Requirements ,
Technology Sector ,
UK
AI is accelerating digital transformation for companies and data governance is a key pillar in this change, enabling data strategies that unlock the potential of AI, and mitigate the risks associated with its use. Data...more
9/12/2024
/ Artificial Intelligence ,
Corporate Governance ,
Data Management ,
Data Privacy ,
Data Protection ,
EU ,
Information Governance ,
Machine Learning ,
Regulatory Agenda ,
Regulatory Requirements ,
Risk Management ,
UK
The Artificial Intelligence Act (AI Act) entered into force on 1 August 2024 and is the world's first comprehensive legal framework for AI regulation. As companies start incorporating AI tools into their business, products...more
Alongside the recent CJEU judgment on automated decision making in Schufa (see the Allen & Overy blog ) there are a range of developments related to ADM in other jurisdictions.
UK developments -
The UK Parliament is...more
In joined Cases C‑26/22 and C‑64/22, related to the German Credit Reference Agency Schufa (see A&O blog on the automated decision making case), the CJEU considered the retention of personal data regarding individuals who had...more
2023 saw a surge in interest in the application of generative AI within business models. So, if AI and data protection was your favourite genre of 2023, or if you found it to be a broken record, this post consolidates and...more
This is the last post in our series on the UK Financial Conduct Authority (FCA) and Prudential Regulation Authority (PRA) proposals to introduce a new regulatory framework on diversity and inclusion (D&I) in the financial...more
12/22/2023
/ Banking Sector ,
Corporate Culture ,
Corporate Governance ,
Data Protection ,
Diversity ,
Diversity and Inclusion Standards (D&I) ,
Financial Conduct Authority (FCA) ,
Financial Services Industry ,
Prudential Regulation Authority (PRA) ,
Risk Management ,
UK
The latest post in our blog series looking at the UK Financial Conduct Authority and Prudential Regulation Authority proposals to improve diversity and inclusion (D&I) in the financial services industry focusses on data...more
11/27/2023
/ Banking Sector ,
Data Collection ,
Data Protection ,
Data Reporting ,
Disclosure Requirements ,
Diversity ,
Diversity and Inclusion Standards (D&I) ,
Financial Conduct Authority (FCA) ,
Financial Institutions ,
Financial Services Industry ,
New Regulations ,
Prudential Regulation Authority (PRA) ,
Regulatory Requirements ,
UK
ust over a year ago, on 21 April 2022, the seven economies (Canada, Japan, the Republic of Korea, the Philippines, Singapore, Taiwan, and the USA) participating in the Asia-Pacific Economic Cooperation (APEC) Cross-Border...more
7/19/2023
/ APEC ,
Court of Justice of the European Union (CJEU) ,
Cross Border Privacy Rules (CBPR) ,
Cross-Border ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
European Commission ,
European Data Protection Board (EDPB) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Information ,
Popular ,
UK
In the five years since the European Union’s General Data Protection Regulation came into force, what have been the main learnings for business, and what will the future hold?...more
The first week of May 2023 saw further EU case law emerge on the right to compensation under the GDPR, and in this blog we analyse the implications of these latest rulings and consider what may be coming next....more
The international community are continuing to take further steps toward data free flow with trust (DFFT) in 2023, building on recent developments such as the draft EU-US Data Privacy Framework and the expansion of the Global...more
The story so far -
In July 2022 the Data Protection and Digital Information Bill (the original Bill) was introduced into Parliament and we finally got sight of the UK Government’s intended direction for data protection...more
We’re now approaching the five-year anniversary of the General Data Protection Regulation (GDPR) taking full effect.
In the run-up to 2018 and the period afterwards, there were many predictions about the likely direction of...more
The OECD breaks new ground with historic declaration on government access to private sector data: Why is the declaration important and how can it help enable data free flow with trust?...more
The 13 December 2022 marked a further stage in restoring greater stability for transatlantic personal data transfers, as the European Commission (the Commission) launched the process towards adoption of an adequacy decision...more
Another important milestone for UK data protection reform was reached this week with the proposed legislative change revealed in the Data Protection and Digital Information Bill....more