DE Under 3: Court Held That Workday Was an “Agent” to Employers Licensing its AI Applicant Screening Tools
Business Associates Here, There, and Everywhere: When Does Your Service Provider Really Need to Sign a HIPAA Business Associate Agreement?
In House Counsel: How To Measure the Effectiveness of Your Staffing Strategy
Sitting with the C-Suite: Identifying Opportunities to Leverage Human Capital
The CCPA for the Land Title Industry: Service Providers and Sale of Data Under the CCPA
Podcast - Risk Management: Troubleshooting & Problem Solving
Cybersecurity in the investment management industry
FCPA Compliance and Ethics Report-Episode 157-Training of Third Parties Under the FCPA
Special Report: The Hot-ish Swag at LegalTech New York 2015
On March 24 2025, the European Commission (EC) adopted the final draft Delegated Regulation setting out Regulatory Technical Standards (RTS) for subcontracting ICT services supporting critical or important functions under the...more
What has happened: On 21 January 2025, the European Commission sent a letter to the Chair of the Joint Committee of the ESAs with its decision to reject the draft Regulatory Technical Standards (“RTS”) on subcontracting...more
The European Commission’s adoption on 23 October 2024 of the two regulations (Regulations) supplementing the [the Regulation on digital operational resilience for the financial sector Publications Office (europa.eu)] (DORA)...more
This blog post focuses on how the EU’s Artificial Intelligence Act (“AI Act”) regulates generative AI, which the AI Act refers to as General-Purpose AI (“GPAI”) Models....more
The European Union (EU) Artificial Intelligence Act (AI Act), Regulation (EU) 2024/1689 of the European Parliament and of the Council of 13 June 2024 laying down harmonised rules on artificial intelligence and amending...more
What is a Management Body? Under both DORA and NIS2, a management body can be a body with managerial and/or supervisory functions. The powers and structure of management bodies vary within the EU Member State, and managerial...more
The pace of new EU law continues unabated, with IoT, cyber security and digital services being key areas of activity. The BCLP Data Privacy & Security team is tracking EU law developments relevant to data and cyber security....more
A few weeks ago, on 24 September 2023, the Data Governance Act (Regulation (EU) 2022/868 of the European Parliament and of the Council of 30 May 2022 on European data governance) (“DGA”) came into force. The DGA aims to...more
On February 1, 2023, the European Commission (EC) published Guidance on the requirement to publish user numbers under the Digital Services Act (DSA).The Guidance contains important information for providers of online...more
The EU's Digital Markets Act (DMA) enters into force on 1 November 2022. It promises to be one of the most significant developments in the history of EU regulation, ushering in a new era for technology companies operating in...more
Following the European Council's approval last week, the Digital Services Act (DSA) has been officially adopted, starting the countdown to the law’s entry into force later this year. The DSA builds on the Electronic Commerce...more
On July 18, 2022, the European Council formally adopted the “Regulation on contestable and fair markets in the digital sector”, also referred to as the “Digital Markets Act” or “DMA”. This marks the final step for this new...more
New High Court case considers nature and scope of the Quincecare duty - In June, the Court of Appeal expanded the scope of a bank’s duty of care to protect its customers from fraud to encompass instructions by those other...more
Mit dem Urheberrechts-Diensteanbieter-Gesetz (UrhDaG) wird ein völlig neues Haftungsregime in Deutschland etabliert. In diesem Beitrag werfen wir nun einen näheren Blick auf die Voraussetzungen, unter denen Diensteanbieter...more
Settlements are a frequently used means of efficiently terminating proceedings, not only in cartel cases but also in other antitrust proceedings. The EU Commission can avoid having to spend resources on a time-consuming...more
The financial sector is greatly dependent on information and communication technologies (ICT). The importance of ensuring remote access to financial services increased to an even greater extent during the COVID-19 pandemic,...more
The e-commerce sector inquiry and inconsistent national case law and enforcement practice have illustrated the need for clarifications and/or reform regarding e-commerce restrictions. Even after the ECJ's Coty judgment, a...more
Following European Commission adoption of the Privacy Shield on July 12, 2016, and with Privacy Shield self-certification poised to open for business organizations on August 1, 2016 as a replacement for the invalidated...more
The European Commission adopted a Delegated Regulation on Regulatory Technical Standards on the authorization and organizational requirements for, and publication of transactions by, Data Reporting Services Providers. The...more
The original Payment Services Directive (2007/64/EC) (“PSD1”) was introduced to provide greater price transparency for users of payment services and to create a level, competitive playing field among providers of different...more