Great Women in Compliance: Creating Space to Speak Up: The Story Behind Psst.org
Hidden Fees in the Live-Event Ticketing and Short-Term Lodging Industries
Digital Planning Podcast Episode: Estate Planning and the Corporate Transparency Act
Episode 330 – Halyna Senyk on Anti-Corruption Progress in Ukraine
ESG Masterclass — ESG and Impact Investing
FCPA Compliance Report – Jonathan Wilson on The NSBU Decision
Áine Bryn of Mercer UK on Demonstrating the Strategic Credibility of the Marketing Function - Passle's CMO Series Podcast
Podcast - The CFPB's Proposal to Create a Public Registry
Breaking Mindsets with Sharon Sorkin from Ford on Being Reliably Transparent
Auditing and Monitoring in Healthcare
Exploring The ‘S’ In ESG & What To Expect In 2023
The Line Between Gift Giving and Bribery
The New Cold War: Risk, Sanctions, Compliance Episode 21: "Interview with Drago Kos of the OECD Working Group on Bribery"
ABA Sound Advice: Conducting Civil Rights Audits: Benefits and Best Practices
Early Advocates of Organic Food Products, Amy’s Kitchen Believes in the Benefits of a Fully Regenerative Ecosystem and Aims to Help Heal the Planet Through Its Business
AI, Analytics, and the Benefits of Transparency
Life With GDPR: Episode 50-The Experian Enforcement Notice Case
Scrutiny Increasing On Energy Private Equity Valuation
Compliance Perspectives: Supply Chain Compliance Challenges
On May 2, 2025, the Irish Data Protection Commission (“DPC”) issued a decision, as lead supervisory authority, finding that TikTok infringed the GDPR regarding (a) its cross-border transfers of EEA User Data to China, and (b)...more
Advocate General Spielmann opines that personal data can be pseudonymous in the hands of one party and anonymous in the hands of another....more
The European Data Protection Board’s recent opinion on AI models can be useful in several ways. Last week, I covered EDPB’s take on what the consequences could be for the unlawful processing of personal data in the...more
Many governments are grappling with the question of how to regulate artificial intelligence to ensure it is adopted safely and used responsibly without hampering innovation. Governments have generally indicated similar...more
Sharing personal data is necessary for most organisations, but it also entails certain data protection risks. Controllers who share personal data with others must, among other obligations, ensure that they comply with the...more
The OECD's AI recommendations encourage Member States to uphold principles of trustworthy AI. Laws/Regulations directly regulating AI (the “AI Regulations”) The OECD's Recommendation of the Council on Artificial...more
This blog post focuses on the transparency requirements associated with certain limited-risk artificial intelligence (AI) systems under Article 50 of the European Union’s AI Act....more
Late last month, the Association of Corporate Counsel (ACC) hosted a panel on artificial intelligence and how it is rapidly transforming the life sciences sector, allowing companies to leverage large datasets to accelerate...more
On December 8, 2023, EU policymakers reached an agreement on the Artificial Intelligence Act (AI Act). As a standard-bearer for global digital and data governance, the EU has been setting regulatory benchmarks on emerging...more
On November 9, 2023, the European Parliament adopted the EU Data Act, a new regulation providing harmonized rules on access to data, switching cloud providers and interoperability requirements across the EU. It is widely...more
On July 10, 2023, the European Commission concluded that the US ensures an adequate level of protection for personal data transferred from the European Union to US companies under the new EU-US Data Privacy Framework. Based...more
On 3 May 2022, the European Commission launched its proposal for a Regulation for the European Health Data Space to “unleash the full potential of health data”. However, questions arise as to whether this proposal is a...more
On January 17, The Belgian Data Protection Authority (DPA) published Recommendation no 01/2020 providing Guidance on direct marketing. The Recommendation provides a methodology on how to comply with the General Data...more
The European Parliament recently issued a resolution directed at the European Commission on its concerns with automated decision-making processes and artificial intelligence. While the EU Parliament addresses several areas of...more
The European Data Protection Supervisor, the independent European Union authority responsible for data protection regulatory oversight, issued a preliminary opinion on data protection and scientific research. The Opinion...more
On October 17, the Spanish data protection authority (AEPD) published the Guide to Privacy by Design (Guide). While Privacy by Design (PbD) first became a legal requirement in the EU with implementation of the General Data...more
The EDPB’s new Guidelines on Article 6(1)(b) may severely limit e-commerce business’ ability to enhance data processing by unilaterally defining contractual services....more
California Adds Biometric Restrictions to Data-Breach Law, Potentially Creating a De Facto Biometric Privacy Law Subject to the governor’s signature, California’s breach-notification law will gain additional requirements...more
Why does this topic matter to organisations? EU data protection law provides data subjects with a wide array of rights that can be enforced against organisations that process personal data. These rights may limit the...more
Following numerous privacy complaints, the State Office for Data Protection Supervision (BayLDA) recently conducted a random audit on 40 companies and found widespread problems with their cookie disclosures....more
With the coming into effect of the General Data Protection Regulation (GDPR), those conducting clinical trials in the EU face a complex set of rules ranging from lawful grounds for processing and transparency to restrictions...more
The European Data protection Board (“EDPB”), which is composed of representatives of the national data protection authorities, and the European Data Protection Supervisor, adopted its report on the second annual review of the...more
On 21 January 2019, the French Data Protection Authority (the “French DPA”) fined Google LLC 50 million euros for breach of the GDPR. As we reported on this blog, just after GDPR became applicable, noyb.eu (None of Your...more
Now that May 25th, the long awaited effective date of the European Union (“EU”) General Data Protection Regulation (Regulation 2016/679) (“GDPR”), has arrived, many companies are realizing that they have more work to do to...more
There is much for authorised firms to consider in the year ahead. Firms have been through the intensive period of the enactment of the second Markets in Financial Instruments Directive (MiFID II), but must now step up their...more