Great Women in Compliance: Creating Space to Speak Up: The Story Behind Psst.org
Hidden Fees in the Live-Event Ticketing and Short-Term Lodging Industries
Digital Planning Podcast Episode: Estate Planning and the Corporate Transparency Act
Episode 330 – Halyna Senyk on Anti-Corruption Progress in Ukraine
ESG Masterclass — ESG and Impact Investing
FCPA Compliance Report – Jonathan Wilson on The NSBU Decision
Áine Bryn of Mercer UK on Demonstrating the Strategic Credibility of the Marketing Function - Passle's CMO Series Podcast
Podcast - The CFPB's Proposal to Create a Public Registry
Breaking Mindsets with Sharon Sorkin from Ford on Being Reliably Transparent
Auditing and Monitoring in Healthcare
Exploring The ‘S’ In ESG & What To Expect In 2023
The Line Between Gift Giving and Bribery
The New Cold War: Risk, Sanctions, Compliance Episode 21: "Interview with Drago Kos of the OECD Working Group on Bribery"
ABA Sound Advice: Conducting Civil Rights Audits: Benefits and Best Practices
Early Advocates of Organic Food Products, Amy’s Kitchen Believes in the Benefits of a Fully Regenerative Ecosystem and Aims to Help Heal the Planet Through Its Business
AI, Analytics, and the Benefits of Transparency
Life With GDPR: Episode 50-The Experian Enforcement Notice Case
Scrutiny Increasing On Energy Private Equity Valuation
Compliance Perspectives: Supply Chain Compliance Challenges
As of May 27, 2025, Meta (Facebook and Instagram) will start using some of the personal data of European users to train its artificial intelligence (AI) systems, including tools such as Meta AI and Llama language models....more
On May 2, 2025, the Irish Data Protection Commission (“DPC”) issued a decision, as lead supervisory authority, finding that TikTok infringed the GDPR regarding (a) its cross-border transfers of EEA User Data to China, and (b)...more
As tax authorities embrace new digital technologies, the issue of safeguarding citizens' data privacy rights steps to the fore. Since the implementation of the EU General Data Protection Regulation (GDPR) in 2018, there has...more
Advocate General Spielmann opines that personal data can be pseudonymous in the hands of one party and anonymous in the hands of another....more
Sharing personal data is necessary for most organisations, but it also entails certain data protection risks. Controllers who share personal data with others must, among other obligations, ensure that they comply with the...more
The German federal and state data protection authorities published guidelines for the implementation and use of AI in compliance with the European Union's regulation of personal data ("Guidelines")....more
This blog post focuses on the transparency requirements associated with certain limited-risk artificial intelligence (AI) systems under Article 50 of the European Union’s AI Act....more
Late last month, the Association of Corporate Counsel (ACC) hosted a panel on artificial intelligence and how it is rapidly transforming the life sciences sector, allowing companies to leverage large datasets to accelerate...more
On November 9, 2023, the European Parliament adopted the EU Data Act, a new regulation providing harmonized rules on access to data, switching cloud providers and interoperability requirements across the EU. It is widely...more
On July 10, 2023, the European Commission concluded that the US ensures an adequate level of protection for personal data transferred from the European Union to US companies under the new EU-US Data Privacy Framework. Based...more
On 3 May 2022, the European Commission launched its proposal for a Regulation for the European Health Data Space to “unleash the full potential of health data”. However, questions arise as to whether this proposal is a...more
What does the United Kingdom's Information Commissioner's Office's draft guidance say about governance and anonymization? Why is it important for GDPR and for the host of new US Privacy laws, including CPRA, CDPA and CPA? ...more
On January 17, The Belgian Data Protection Authority (DPA) published Recommendation no 01/2020 providing Guidance on direct marketing. The Recommendation provides a methodology on how to comply with the General Data...more
The European Parliament recently issued a resolution directed at the European Commission on its concerns with automated decision-making processes and artificial intelligence. While the EU Parliament addresses several areas of...more
The European Data Protection Supervisor, the independent European Union authority responsible for data protection regulatory oversight, issued a preliminary opinion on data protection and scientific research. The Opinion...more
In this month's edition of our Privacy & Cybersecurity Update, we take a look at guidance on artificial intelligence released by the U.K. Information Commissioner's Office and the Turing Institute, as well as guidance...more
Artificial Intelligence (“AI”) Is A Complicated Technology Developed With Data. This Saddles AI It With A Host Of Potential Privacy Regulations, Including Europe’s Data Protection Law, The General Data Protection Regulation...more
On November 8, the Spanish data protection authority (AEPD) published new Guidelines on the Use of Cookies (Guidelines) (Spanish only). The Guidelines have been prepared in collaboration with different organisations in the...more
On October 17, the Spanish data protection authority (AEPD) published the Guide to Privacy by Design (Guide). While Privacy by Design (PbD) first became a legal requirement in the EU with implementation of the General Data...more
California passed a sweeping new privacy law that will impact many businesses. The California Consumer Privacy Act of 2018 (CCPA) is the first U.S. law to grant consumers extensive rights as to their personal information and...more
The EDPB’s new Guidelines on Article 6(1)(b) may severely limit e-commerce business’ ability to enhance data processing by unilaterally defining contractual services....more
California Adds Biometric Restrictions to Data-Breach Law, Potentially Creating a De Facto Biometric Privacy Law Subject to the governor’s signature, California’s breach-notification law will gain additional requirements...more
Why does this topic matter to organisations? EU data protection law provides data subjects with a wide array of rights that can be enforced against organisations that process personal data. These rights may limit the...more
Following numerous privacy complaints, the State Office for Data Protection Supervision (BayLDA) recently conducted a random audit on 40 companies and found widespread problems with their cookie disclosures....more
On Jan. 21, 2019, the French Data Protection Authority (CNIL) levied a 50 million euros sanction against Google LLC for violating the EU General Data Protection Regulation2 (GDPR) in the context of the first enforcement...more