Podcast: Digital Taxation—Implications for EU Technology Companies
Compliance into the Weeds-Episode 39, Disclosure of Ransomware Attacks
The European Network and Information Security 2 Directive aims to mitigate threats to network and information systems and ensure the continuity of services in the event of cybersecurity incidents. Member States must pass...more
When the UK Online Safety Act (the "Act") became law on 26 October 2023, it had established one of the most comprehensive online safety regulatory frameworks in the world. The Act's intention is to make the use of online...more
The Corporate Transparency Act (CTA), which became effective on January 1, requires that U.S. and foreign companies authorized to do business in the U.S. (each, a Reporting Company) report specific personal information...more
The European Parliament approved the Network and Information Security 2 Directive (“NIS 2”) last year, expanding the scope of the Network and Information Security Directive (“NIS”). Now Germany has introduced the draft of the...more
Texas has joined Arkansas and Utah as the third state to impose requirements on social media accounts for those under 18. Namely, with the Securing Children Online through Parental Empowerment Act (“SCOPE Act”), Texas will...more
As a former Special Agent for the Federal Bureau of Investigation who investigated cybercrimes involving children, I know from experience that the topic of increasing online protections for minors provoked intense debates...more
The Cybersecurity Administration of China ("CAC") and six other agencies jointly promulgated Interim Measures for the Administration of Generative Artificial Intelligence Services ("Generative AI Measures" or "Rules"), that...more
Updated June 2023 - The BCLP Data Privacy & Security team is tracking EU law developments relevant to data and cyber security. This tracker summarizes the effect and status of the following: the Digital Services Act, the...more
Europe is in the midst of a transformation of its regulatory strategy for digital technologies. The EU has passed or proposed a number of laws affecting digital service providers in a broad range of legal areas and sectors....more
The plenary session of the European Parliament adopted the final versions of the Directive on measures for a high common level of cybersecurity across the Union (NIS2 Directive) and of the Digital Operational Resilience Act...more
“Digital regulation” is a legislative concept and trend which has grown exponentially in recent years and looks set to develop for many more years to come....more
EU Parliament Adopts Amended Digital Services Act by a Wide Margin - On January 21, 2022, the members of the EU Parliament approved by a large majority (77%) an amended draft of the Digital Services Act (“DSA”)....more
Nearly a year after issuing the notice of proposed rulemaking, the FDIC, OCC, and Federal Reserve have issued a final rule setting new notification requirements for banks and their third-party service providers in the event...more
A group of Dutch regulators announced the establishment of the Digital Regulation Collaboration Platform (Samenwerkingsplatform Digitale Toezichthouders, or Platform). The Dutch Data Protection Authority (Autoriteit...more
On July 19, 2021, the Federal Bureau of Investigations issued a Private Industry Notification to service providers and “entities associated with the Tokyo 2020 Summer Olympics that cyber actors who wish to disrupt the event...more
Colorado just became the third state to pass a comprehensive data privacy law, creating more challenges for businesses trying to navigate a variety of state, federal, and international privacy regimes. The Colorado Privacy...more
Last week, we posted on the guidance issued by the US Department of Labor (DOL) for plan sponsors, plan fiduciaries, recordkeepers, and plan participants on cybersecurity best practices. Last week’s post focused on the...more
On April 14, 2021, the Department of Labor (“DOL”) issued three documents that provide cybersecurity guidance for plan sponsors, fiduciaries, recordkeepers, and plan participants. Cybersecurity has become an increasingly...more
On 16 December 2020, the EU released its proposed revisions to the existing Directive 2016/1148 on the security of network and information systems (NIS2)....more
On March 11, The California Attorney General (CA AG) released a second set of modifications to the proposed regulations implementing the California Consumer Privacy Act (CCPA)....more
On February 7, 2020, and again on February 10, 2020, California Attorney General Xavier Becerra released modified proposed regulations (“Modified Proposed Regulations”) to the California Consumer Privacy Act of 2018, Cal....more
On October 10, 2019, the California Attorney General added to the complexity of the California Consumer Privacy Act of 2018 (“CCPA”) by releasing long-awaited proposed regulations that provide guidance on various elements of...more
The California Consumer Privacy Act of 2018 (“CCPA”) established new privacy rights for California consumers but left many unanswered questions on how businesses should implement the new obligations imposed on them. ...more
There are many facets to California’s new data privacy law, the California Consumer Privacy Act of 2018 (CCPA), that are generating a lot of buzz — such as the new rights afforded to California consumers and the broad...more
As businesses continue to digitise their assets and operations, the need to continually assess IT infrastructure and the technical measures in place to safeguard key information assets and data becomes ever more important....more