Daily Compliance News: April 25, 2025, The Trouble in Travel Edition
Daily Compliance News: April 24, 2025, The Made in Malaysia Edition
Fierce Competition Podcast | Below-Threshold Mergers: Global Antitrust Scrutiny
Fierce Competition Podcast | Takeaways From the Illumina-Grail Merger Challenge Saga
The EU Corporate Sustainability Due Diligence Directive
The Informed Board Podcast | Will the EU’s Focus on Foreign Subsidies Make It More Difficult To Acquire European Businesses?
EU & UK Competition Law & Public Interest: Best Practices & New Challenges ahead
Nota Bene Episode 135: Europe Q3 Check In: Brexit, Data Protection, and Block Exemption Regulations with Oliver Heinisch
NGE On Demand: Personal Data Protection Travels: The New Standard Contractual Clause with John Koenigsknecht and David Wheeler
Nota Bene Episode 123: Europe Q2 Check In - Brexit Updates and Antitrust Laws in the Digital Economy with Oliver Heinisch
Nota Bene Episode 112: How Europe is Filling Enforcement Gaps for Digital Gatekeepers with Robert Klotz and Ciara Barbu-O’Connor
Nota Bene Episode 106: The Corporate Investor Movement Toward Environmental, Social, and Governmental Policies with Allison Troianos and Ariel Yehezkel
Nota Bene Episode 102: Examining European Union State Aid in the Face of COVID and Brexit with Jacques Derenne and Robert Klotz
What's Next after the Schrems II Decision of ECJ
Compliance Perspectives: The End of the Privacy Shield
Nota Bene Episode 89: European Q3 Check In - Merger Clearance and Data Protection Court Rulings and Brexit Updates with Oliver Heinisch
Podcast: ESMA Report: Undue Pressure on Companies
Nota Bene Episode 65: European Check In: Environmental Protection, Privacy Regulations, Digital Market Definition, and Brexit with Oliver Heinisch
Nota Bene Episode 55: Updates on the European Commission and Brexit with Isabelle Rahman and Oliver Heinisch
Jones Day Talks: EU's New Foreign Direct Investment Regulations Eye Specific Sectors
On June 25, 2025, the European Commission published the long-anticipated draft EU Space Act (“Act”), a potentially landmark regulation that will apply to both EU and non-EU operators providing space services in Europe. The...more
Generative artificial intelligence, once the subject of experimental labs and speculative fiction, is now a central force in digital transformation, and cybersecurity professionals are finding themselves on unfamiliar ground....more
This regular alert covers key policy and regulatory developments related to EU geopolitical risks, including in particular, economic security, Russia’s war against Ukraine, health threats, and cyber threats. It does not...more
On March 24 2025, the European Commission (EC) adopted the final draft Delegated Regulation setting out Regulatory Technical Standards (RTS) for subcontracting ICT services supporting critical or important functions under the...more
The Artificial Intelligence Act (AI Act) is the world's first comprehensive legal framework for AI regulation, which entered into force on August 1, 2024. The AI Act aims to ensure that AI systems are trustworthy, safe and...more
The first EU & UK AI Round-up, published on 15 January 2025, discussed the important regulatory updates affecting the AI ecosystem in both the EU and the UK that occurred towards the end of 2024. Notably since that update,...more
The European Commission (EC) has adopted a Commission Delegated Regulation supplementing the Digital Operational Resilience Act (DORA) with regard to RTS specifying the criteria used for identifying financial entities...more
The European Commission (Commission) recently published a letter (Letter) that it sent to the European Supervisory Authorities (ESAs) rejecting certain draft regulatory technical standards (RTS) under the EU Digital...more
The European Supervisory Authorities have published the terms of reference for the EU systemic cyber incident co-ordination framework Forum established under the EU Digital Operational Resilience Act. The Forum will be...more
The European Insurance and Occupational Pensions Authority recently published the European Commission’s response (Q&A 2999) on the question of which services fall under the definition of “ICT services” under Article 3(21) of...more
What has happened: On 21 January 2025, the European Commission sent a letter to the Chair of the Joint Committee of the ESAs with its decision to reject the draft Regulatory Technical Standards (“RTS”) on subcontracting...more
European regulators recently published clarifications on the scope of ICT services under the EU Digital Operational Resilience Act (DORA), prepared by the European Commission, which confirms previous guidance and enables...more
Firms involved in implementing changes to comply with new rules under the EU Digital Operational Resilience Act (DORA) have questioned whether financial services provided by other regulated firms may fall within the...more
Our Privacy, Cyber & Data Strategy Team discusses the new Cyber Resilience Act (CRA) that affects manufacturers and distributors of connected devices that are in use anywhere in the European Union....more
On 17 October 2024, the European Commission adopted the first Implementing Regulation under the Network and Information Security 2 Directive (EU) 2022/2555 (NIS2), focusing on digital infrastructures and services. The...more
The Network and Information Systems Directive II (“NIS2“), requires that Member States transpose measures into national law by today (17 October 2024). NIS2 is part of the EU’s Cybersecurity Strategy and repeals and replaces...more
The Network and Information Security 2 Directive (EU) 2022/2555 ("NIS2") entered into force on 16 January 2023. NIS2 sets cyber rules for organizations whose services are considered essential or important for maintaining...more
WHAT HAPPENED: On June 27, 2024, the European Commission published for feedback a draft implementing act (draft implementing act) under the Network and Information Security 2 Directive (NIS2). It specifies cybersecurity...more
In December 2023, European Union (EU) lawmakers reached an agreement on the EU AI Act. In our article titled An Introduction to the EU AI Act, we focused on applicability, thresholds, timing, and penalties related to the EU...more
In the dynamic business landscape, regulatory legislation changes are constant. These alterations in laws often feel like an unrelenting force impacting senior leadership, compelling them to reassess and adjust existing...more
Late on Friday (December 8th), the European Union Commission, Parliament and Council concluded its “trilogue” negotiations for the EU Artificial Intelligence Act. The summary below is based on the information available to...more
The European Union’s (EU) new Digital Operational Resilience Act (DORA) will go into effect in January 2025. Our Privacy, Cyber & Data Strategy Team digs into DORA and discusses how the new law may impact businesses inside...more
In this month’s Privacy & Cybersecurity Update, we examine the newly established data privacy framework between the EU and U.S. and new consumer privacy laws in Oregon and Texas. We also review a court ruling that delayed...more
On 28 October 2021, the Committee on Industry, Research and Energy (ITRE) of the European Parliament agreed its approach to the text of the proposed revision to the Network and Information Systems (NIS) Directive (NIS2) and...more
The General Data Protection Regulation 2016/679 (GDPR) provides means to enforce provisions related to personal data processing by you as a data controller or data processor. It introduces collective actions everywhere in...more