Data Retention and Document Holds
Trial by Tech: The Evolution of the Digital Courtroom – Speaking of Litigation Video Podcast
Information Security and ISO 27001
No Password Required: LIVE From Sunshine Cyber Con
Calculating eDiscovery Costs: Tips from Brett Burney
No Password Required: President at Constellation Cyber, Former FBI Translator, and Finder of Non-Magical Mushrooms
Managing Large Scale Review Efficiency: Tips From a GC
DE Under 3: US DOL Inspector General’s Office Report Cites IT Modernization & Security Concerns
RegFi Episode 8: The Technological Path to Outcomes-Based Regulation with Matt Van Buskirk
Podcast: Discussing Information Blocking with Eddie Williams
The Data Center Cooling Conundrum With Leland Sparks - TAG Infrastructure Talks Podcast
[Podcast] TikTok off the Clock: Navigating the TikTok Ban on Devices for Government Contractors
Everything Dynamic Everywhere: Managing a More Collaborative Microsoft 365
Law Firm ILN-telligence Podcast | Episode 62: Pierre Hurt, Lutgen & Associes | Luxembourg
ATL1, Atlanta Infrastructure and More With Brandon Peccoralo of Databank - TAG Infrastructure Talks Podcast
Expanded Information Block Rules Go into Effect
5 Key Takeaways | Current Perspectives Around the Convergence of Life Sciences and IT
No Password Required: A Child of the 1980s With a Knack for Storytelling, Comedic Timing, and Building an Elite Cybersecurity Team
Changing Hands: Keys To Downstream M&A IT Integration
Mia Reini and Monica Lopez Reinmiller on a Risk-Based Approach to Managing Employee Hotlines
On March 24 2025, the European Commission (EC) adopted the final draft Delegated Regulation setting out Regulatory Technical Standards (RTS) for subcontracting ICT services supporting critical or important functions under the...more
The European Supervisory Authorities (ESAs) have published a roadmap for the designation of critical ICT third-party service providers (CTPPs) under the EU Digital Operational Resilience Act (DORA). The roadmap of key dates...more
The European Central Bank (ECB) has published an updated version of the threat intelligence-based ethical red teaming framework (TIBER-EU framework) (dated January) to align with the Digital Operational Resilience Act (DORA)...more
The European Supervisory Authorities have published a joint report on the feasibility of further centralization of the reporting of major ICT-related incidents by financial entities to competent authorities. The ESAs' joint...more
Digital Operational Resilience Act (DORA) aims to harmonize provisions related to cybersecurity and information and communication technology (ICT) risk management in the financial sector. Its scope covers nearly all entities...more
The EU Cyber Resilience Act (CRA) entered into force on 10 December 2024. The CRA is the first legislation of its kind in the world that aims to enhance the cyber security of products or software with a digital component...more
First introduced in December 2020 by the European Commission, the European Cyber Resilience Act (“ CRA”) regulation was published in the Official Journal on November 20th. It will come into force on December 10, 2024, but...more
The CJEU considered: (a) whether a legitimate interest of the controller or third party must be determined by law, and (b) whether provision of personal data of the members of a sports federation to third parties in return...more
Introduction - 2024 has been another big year for privacy. Several new state privacy laws are going into effect, with several more coming in 2025, while a federal privacy law continues to be discussed that would further...more
We have been talking about it since last year: the bill to secure and regulate the digital space ("SREN") has now been passed. The legislative process leading up to the enactment of the SREN bill has been slow (as a reminder:...more
Beginning October 12, 2023, the UK-U.S. Data Bridge will allow UK companies to transfer personal data to the United States using the new EU-U.S. Data Privacy Framework....more
Organizations developing or using generative AI tools should implement cross-functional governance frameworks to develop and continuously monitor their use of such tools. From the earliest stages of generative AI use,...more
There will be additional compliance obligations and mandatory contractual provisions introduced for financial entities and outsourced IT service providers. The new DORA seeks to strengthen the resilience of financial...more
In 1992, Singapore banned the sale of all chewing gum. But if you owned a cornerstore in the U.S. and a Singaporean tourist came to visit your business, there would be nothing to stop you from selling them a pack of gum—in...more
On 16 November 2022, EU Regulation 2022/2065, better known as the Digital Services Act (“DSA”), came into force. The DSA is a key development in the use of online services in the European Union (“EU”), with an impact on...more
The UK government confirmed on 30 November 2022 that there will be changes to the UK’s cybersecurity regulations in response to a public consultation launched earlier this year. This follows recent updates relating to the...more
On September 15, 2022, the European Commission (EC) published a Proposal for a Cyber Resilience Act (CRA Proposal) that sets out new rules in the European Union (EU) for software and hardware products and their remote data...more
The EU’s General Data Protection Regulation (GDPR) regulates the transfer of personal data in the European Union. For many multinational employers, Standard Contractual Clauses (SCCs) offer the only practical means of...more
By the close of 2021, EU data protection authorities (“DPA”) had initiated investigations into a number of US tech companies operating in Europe and further investigations are set to continue. In a recent case concerning...more
An international law-enforcement effort has led to the arrest of multiple individuals affiliated with the most prolific ransomware cartel operating today. In November, Justice Department officials announced indictments and an...more
Today’s global healthcare marketplace is marked by unprecedented transformation. The seismic shifts in healthcare delivery and drug development during COVID-19 have, in 2021, continued to demonstrate the power and capacity...more
The German Bundestag adopted the IT Security Act 2.0 (IT-Sicherheitsgesetz 2.0 – "IT-SiG 2.0") on 23 April 2021. On 7 May, the draft IT-SiG 2.0 has now also been endorsed in the Bundesrat. We have set out the latest key...more
The European Commission adopted a roadmap for the European Union's digital economy until 2030 on February 10, 2021. The roadmap aims to provide the following: This digital transformation targets European citizens, businesses,...more
Website and app operators are jointly liable with Facebook for violations of European data protection law - In its judgment of 29 July 2019 (ref.C-40/17), the European Court of Justice has ruled on two essential points...more
The legal requirements for the use of cookies have been subject to discussion over the last few years, with little to no enforcement and guidance from European data protection authorities (DPAs). That has changed recently....more