Podcast: International Finance Corporation (IFC) Impact Investing Standards
Le 4 décembre 2024, l’Assemblée législative de l’Alberta a adopté deux projets de loi qui abrogeront et remplaceront la loi provinciale actuelle intitulée Freedom of Information and Protection of Privacy Act (la « Loi FOIP...more
Recently, the European Data Protection Board (EDPB) adopted an opinion addressing key data protection concerns arising from the use of Artificial Intelligence (AI) models. The opinion specifically focuses on how GDPR...more
Rhode Island is the latest state to enact consumer privacy legislation. The Rhode Island Transparency and Privacy Protection Act (the "Act"), which passed into law on June 28, 2024, establishes a framework for controlling and...more
Even though it may not seem like it, the purpose of laws like the EU GDPR (General Data Protection Regulation) isn’t just for the EU to gain additional revenue through fines and penalties. They exist to protect individuals’...more
The new AI Act establishes an obligation for the deployers of certain high-risk AI systems to conduct a “fundamental rights impact assessment” (“FRIA”). This will have a high impact on insurance companies that use AI systems...more
With so much of our society’s data flowing through digital platforms, keeping it safe is increasingly crucial. If your business has access to any personal information (PI)—a person's full name, phone number, email address,...more
With the passage of numerous comprehensive state laws, many U.S. companies are now subject to a formal requirement to complete a Privacy Impact Assessment (“PIA”). While the various state and international PIA requirements...more
The Information Commissioner’s Office (ICO), the personal data protection authority in the United Kingdom (UK), is running a public consultation on its draft guidance on biometric data which covers the requirements under the...more
Data protection assessments are required for high-risk processing activities in a rapidly growing set of federal, state, and international comprehensive privacy laws. These assessments are triggered by processing activities,...more
Privacy laws have entered the compliance world by storm and are quickly changing data privacy practices. The most recent state, Colorado, passed the Colorado Privacy Act (CPA) into law on July 7, 2021. This new act follows...more
Learning Objectives: - What is a PIA and a DPIA? - Who should instigate assessments? - How and when to use assessments? - The relationship between assessments and privacy by design, and legal grounds for processing...more
The dust has settled on the new EU standard contractual clauses for cross-border data transfers (“New SCCs”), but confusion still reins on how the New SCCs cover data transfers and what companies need to do to take advantage...more
Why does this topic matter to organisations? A significant aspect of complying with EU data protection law is demonstrating compliance—making it evident to DPAs that an organisation is meeting its obligations. Three of the...more
The new GDPR is much more detailed than the 1995 Directive. The GDPR has 99 articles, versus 34 in the Directive. And a few new key concepts clearly require new guidance....more
The steady trickle of GDPR guidance from the Article 29 Working Party continues. Fresh from finalising its guidance on data portability, lead supervisory authorities and data protection officers, the Working Party has...more