Daily Compliance News: April 25, 2025, The Trouble in Travel Edition
Daily Compliance News: April 24, 2025, The Made in Malaysia Edition
Fierce Competition Podcast | Below-Threshold Mergers: Global Antitrust Scrutiny
Fierce Competition Podcast | Takeaways From the Illumina-Grail Merger Challenge Saga
The EU Corporate Sustainability Due Diligence Directive
The Informed Board Podcast | Will the EU’s Focus on Foreign Subsidies Make It More Difficult To Acquire European Businesses?
EU & UK Competition Law & Public Interest: Best Practices & New Challenges ahead
Nota Bene Episode 135: Europe Q3 Check In: Brexit, Data Protection, and Block Exemption Regulations with Oliver Heinisch
NGE On Demand: Personal Data Protection Travels: The New Standard Contractual Clause with John Koenigsknecht and David Wheeler
Nota Bene Episode 123: Europe Q2 Check In - Brexit Updates and Antitrust Laws in the Digital Economy with Oliver Heinisch
Nota Bene Episode 112: How Europe is Filling Enforcement Gaps for Digital Gatekeepers with Robert Klotz and Ciara Barbu-O’Connor
Nota Bene Episode 106: The Corporate Investor Movement Toward Environmental, Social, and Governmental Policies with Allison Troianos and Ariel Yehezkel
Nota Bene Episode 102: Examining European Union State Aid in the Face of COVID and Brexit with Jacques Derenne and Robert Klotz
What's Next after the Schrems II Decision of ECJ
Compliance Perspectives: The End of the Privacy Shield
Nota Bene Episode 89: European Q3 Check In - Merger Clearance and Data Protection Court Rulings and Brexit Updates with Oliver Heinisch
Podcast: ESMA Report: Undue Pressure on Companies
Nota Bene Episode 65: European Check In: Environmental Protection, Privacy Regulations, Digital Market Definition, and Brexit with Oliver Heinisch
Nota Bene Episode 55: Updates on the European Commission and Brexit with Isabelle Rahman and Oliver Heinisch
Jones Day Talks: EU's New Foreign Direct Investment Regulations Eye Specific Sectors
In the six years since the EU’s General Data Protection Regulation (“GDPR”) took effect, governments around the world have updated their data protection laws to reflect the seismic changes in data processing that were created...more
The NIS 2 Directive requires a wide range of in-scope organizations to adopt robust cybersecurity measures and incident response plans....more
In December 2023, European Union (EU) lawmakers reached an agreement on the EU AI Act. In our article titled An Introduction to the EU AI Act, we focused on applicability, thresholds, timing, and penalties related to the EU...more
On February 2, 2024, representatives from the European Union (EU) member states formally approved the final text of the EU Artificial Intelligence Act (the Act), which will be subject to final legislative approval in the...more
In the dynamic business landscape, regulatory legislation changes are constant. These alterations in laws often feel like an unrelenting force impacting senior leadership, compelling them to reassess and adjust existing...more
The European Union’s (EU) new Digital Operational Resilience Act (DORA) will go into effect in January 2025. Our Privacy, Cyber & Data Strategy Team digs into DORA and discusses how the new law may impact businesses inside...more
In this month’s Privacy & Cybersecurity Update, we examine the newly established data privacy framework between the EU and U.S. and new consumer privacy laws in Oregon and Texas. We also review a court ruling that delayed...more
On July 10th, the European Commission issued its Implementing Decision regarding the adequacy of the EU-UD Data Privacy Framework (“DPF”). The Decision has been eagerly awaited by US and Europe based commerce, hoping it will...more
On July 10, 2023, the European Commission (the “Commission”) adopted an adequacy decision for the EU-U.S. Data Privacy Framework (the “Framework”). The Framework provides companies that opt in with a legitimate means of...more
On 10 July 2023, the European Commission (EC) adopted its eagerly expected adequacy decision on data transfers under the EU-U.S. Data Privacy Framework (DPF). The adequacy decision was preceded by substantial changes to U.S....more
On May 22, 2023, Ireland’s Data Protection Commission (DPC) published its long-awaited decision in the Meta EU-U.S. data transfer case (Decision). In its landmark Decision, the DPC imposed a record 1.2 billion EUR fine and...more
After using a large language model, such as ChatGPT, for a while, it is not hard to image an array of nightmarish scenarios that these generative artificial intelligence (AI) programs could bring about. While ChatGPT and its...more
The European Union’s General Data Protection Regulation (GDPR) requires companies to monitor and comply with some of the strictest privacy laws in effect. Now, the European Commission is refocusing efforts and oversight on...more
Background Note: Data privacy has become a critical issue in the digital era, with laws and regulations constantly evolving. As a result, it’s important for cybersecurity, information governance, and legal discovery...more
On 13 December 2022, the European Commission (“EC”) published its draft adequacy decision for the EU-U.S. Data Privacy Framework (“DPF”) that is intended to foster trans-Atlantic data flows and address the concerns raised by...more
The 13 December 2022 marked a further stage in restoring greater stability for transatlantic personal data transfers, as the European Commission (the Commission) launched the process towards adoption of an adequacy decision...more
On Tuesday, December 13, the European Commission initiated its long-awaited process towards the adoption of an adequacy decision for the European Union (EU)-U.S. Data Privacy Framework (EU-U.S. DPF), which aims to address the...more
Key Points - President Biden has signed the long-awaited executive order implementing U.S. commitments to the new successor agreement to the Privacy Shield, the EU-U.S. Data Privacy Framework—a historic step in respect of...more
On September 15, 2022, the European Commission (EC) published a Proposal for a Cyber Resilience Act (CRA Proposal) that sets out new rules in the European Union (EU) for software and hardware products and their remote data...more
Four years ago, the European Union (“EU”) began enforcement of the General Data Protection Regulation (“GDPR”). The GDPR is a comprehensive data privacy law enacted to create a standardized and cohesive data privacy framework...more
The European Commission (EC) has proactively reached out to the Dutch Data Protection Authority (DPA) to criticize its interpretation of legitimate interest under the GDPR. The criticism is in response to enforcement actions...more
On May 25, 2022, the European Commission announced the release of a new guidance document relating to standard contractual clauses (SCCs) and international data transfers. The guidance is included in a series of questions and...more
On 25 May 2022, the European Commission released long-awaited guidance for the Standard Contractual Clauses (SCCs) adopted in June 2021. The Commission has developed Questions and Answers (Q&As) as a dynamic source of...more
The European Commission and the United States have announced a new data transfer mechanism, following the invalidation of Privacy Shield in July 2020. - Background - As data privacy experts may remember, in July 2020...more
In this month’s Privacy & Cybersecurity Update, we analyze the U.S. and EU’s joint commitment to create a new data transfer framework to replace the invalidated Privacy Shield, as well as Utah’s new state privacy law and...more