FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
A Less is More Strategy for Data Risk Mitigation
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
Approach to Responsible AI
Why Privacy Matters to Your Business and What's in Store for 2025
No Password Required Podcast: Senior Security Researcher at Nokia and Guardian of Secure AI Networks
Getting Bang for Your Buck: Spend Your 2025 Privacy Budget Wisely
Constangy Clips Ep. 7- 4 New Year’s Resolutions to Keep Your Cyber Data Safe and Secure in 2025
The Privacy Insider Podcast Episode 10: 2025 Privacy Predictions: Hold My Beer, 2024
AI Talk With Juliana Neelbauer - Episode Three - Cybersecurity Insurance: Coverage Challenges and Changes
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
Protect, Prepare, Prevail: Navigating a Complex Cybersecurity World
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Crafting an Effective Law Firm Generative AI Policy for Responsible Business Use: On Record PR
2025 Privacy Law Preview: Be Prepared
Podcast - Bowling with Bumpers: Using a Privacy Framework to Set Your Company Up for a Strike
"Monsters Inc." y el tratamiento de los datos
Unlock Privacy ROI: Why Making Cross-Functional Allies is Key
AI Discrimination and Emerging Best Practices – Part 2 - The Good Bot Podcast
The Privacy Insider Podcast Ep. 8: Privacy Over Party: Peter Swire
Our clients are at the forefront of many of the developments covered by the report. That said, I couldn’t help thinking that the report overlooked a law that takes effect in less than six months’ time and which will have...more
On February 3 2025, the European Commission published an updated version of the Frequently Asked Questions (FAQs) about the Regulation (EU) 2023/2854 on harmonised rules on fair access to and use of data (Data Act). Key...more
Artificial Intelligence has rapidly moved from theoretical to transformational, profoundly changing how businesses operate across industries. While the benefits of AI, particularly Generative AI (genAI), are monumental, these...more
January may already be in the rear-view mirror, but it’s never too late to get ahead of the eDiscovery curve as we accelerate into 2025. Driven by technological advancements and shifting client expectations, legal...more
First introduced in December 2020 by the European Commission, the European Cyber Resilience Act (“ CRA”) regulation was published in the Official Journal on November 20th. It will come into force on December 10, 2024, but...more
The CJEU considered: (a) whether a legitimate interest of the controller or third party must be determined by law, and (b) whether provision of personal data of the members of a sports federation to third parties in return...more
The EU Data Act is one of the cornerstones of the EU's Data Strategy and introduces a new and horizontal set of rules on data access and use to boost the EU's data economy. Most of the provisions of the Data Act will become...more
AI is accelerating digital transformation for companies and data governance is a key pillar in this change, enabling data strategies that unlock the potential of AI, and mitigate the risks associated with its use. Data...more
The EU recently introduced the AI Act, landmark legislation aimed at regulating artificial intelligence (AI) technologies. This article provides an in-depth overview of the EU AI Act, its implications for organizations, and...more
Challenges may arise when conducting an internal investigation related to an underlying disclosure by a whistleblower pursuant to the EU Directive, because companies must strictly comply with the GDPR. Failure to comply with...more
The EU AI Act is on the verge of becoming the first law to specifically govern the use of artificial intelligence at a European level. In light of the extensive set of new obligations imposed on companies, and considering the...more
The EU Data Act came into force on January 11, 2024. The Data Act is part of the European Commission’s data strategy released in February 2020 and obliges manufacturers of connected products to make use-related data available...more
On 22 December 2023, the Regulation on harmonized rules on fair access to and use of data ("Data Act") was published in the EU's Official Journal. The Data Act lays down rules on fair access to and use of personal and...more
A few weeks ago, on 24 September 2023, the Data Governance Act (Regulation (EU) 2022/868 of the European Parliament and of the Council of 30 May 2022 on European data governance) (“DGA”) came into force. The DGA aims to...more
Last month, the European Union’s new Data Governance Act (DGA) came into effect. Our Privacy, Cyber & Data Strategy Group provides an overview of the key features of the DGA and discusses how the new law may impact businesses...more
On September 21, 2023, the UK Government announced the establishment of the “UK-US data bridge” (the Bridge), also known as the UK Extension to the EU-U.S. Data Privacy Framework (the DPF). The announcement promises to...more
The European Medicines Agency (EMA) published Version 1.1 of its “Guidance on how to approach the safeguarding of personal protected data (“PPD”) and commercially confidential information (“CCI”) while using the Clinical...more
In 1992, Singapore banned the sale of all chewing gum. But if you owned a cornerstore in the U.S. and a Singaporean tourist came to visit your business, there would be nothing to stop you from selling them a pack of gum—in...more
The Court of Justice of the European Union (CJEU) published its decision in Norra Stockholm Bygg AB v Per Nycander AB, C-268/2021 (Norra) on 2 March 2023. The CJEU held that the GDPR applies, in civil court proceedings, to...more
In Europe, the current conditions for sharing data between companies are so complicated that the potential of the industry is not fully exploited. This results in the loss of competitiveness of the European industry compared...more
When the U.K. disentangled from the European Union (EU), its General Data Protection Regulation (GDPR) status was one of many headaches for regulators to figure out. After drawn-out negotiations over points such as requiring...more
The EU’s General Data Protection Regulation (GDPR) regulates the transfer of personal data in the European Union. For many multinational employers, Standard Contractual Clauses (SCCs) offer the only practical means of...more
On January 12, 2022, the French data protection authority (“CNIL“) published guidance on the reuse of personal data by processors for their own purposes (the “Guidance”)....more
Companies not established in the UK who process the personal data of UK-based individuals are required to appoint a representative in the UK pursuant to Article 27 of the UK GDPR. This requirement may become less practical...more
EDPB Issues Draft Guidance on International Data Transfers - On November 18, 2021, the European Data Protection Board (“EDPB”) published draft guidance on the interaction between the GDPR’s transfer provisions set out in...more