During 2023, privacy protection and artificial intelligence regulation continued apace and their implications continued to be a major focus in Israel and around the world. In Israel, this was reflected in a number of...more
If you feel like every day you wake up to a new data privacy law or piece of guidance, you’re not dreaming. Regulation and rulemaking are happening faster than ever before. The complexities relating to ethical data usage are...more
Clearview AI Inc's successful challenge to the ICO’s £7.5 million fine focused on the limits of the UK GDPR’s jurisdictional reach, succeeding on the grounds that Clearview’s processing activities were outside the scope of...more
Alongside the recent CJEU judgment on automated decision making in Schufa (see the Allen & Overy blog ) there are a range of developments related to ADM in other jurisdictions. UK developments - The UK Parliament is...more
UK-U.S. Data Bridge Approved - The UK has approved an extension to the EU-U.S. Data Privacy Framework (DPF) called the ‘UK-U.S. Data Bridge,’ which facilitates data flows from the UK to the U.S. From October 12, 2023...more
Why should I read this? A new UK-US data bridge will be available to businesses in the UK looking to transfer personal data to organizations in the United States certified under the UK Extension to the EU-US Data Privacy...more
On September 21, 2023, the UK Secretary of State for Science, Innovation and Technology laid before Parliament regulations that will operate to significantly simplify the process for UK businesses to transfer personal data to...more
From long-standing laws to incoming legislation, global nonprofits must understand the requirements and prepare for scrutiny in their handling of personal data. U.S. privacy regulations are currently a complex framework of...more
A challenging economic situation is prompting contentious staffing decisions. The rise of hybrid work has led employers to generate more information in more places about employees. Against this backdrop, more employees are...more
Organisations must provide individuals with information on the specific recipients of their data upon request. The Court of Justice of the European Union (CJEU) has ruled that organisations must generally disclose the...more
With more fintech’s looking to expand their businesses internationally, it can be daunting to navigate varying regulations across borders. This article focuses on regulations in the United Kingdom....more
Data is yet again at the top of the agenda in the UK Parliament. Seeking to balance the need for the protection of privacy of data and enabling data-driven growth, the UK Department for Science, Innovation and Technology...more
While the reform is a long way away from a certainty, it represents a departure of the UK from the EU’s strict adherence and adoption of the General Data Protection Regulation which came into effect in 2018. Earlier this...more
In November 2022, the UK Government announced that it had put in place UK GDPR ‘adequacy regulations’ in respect of South Korea (the Republic of Korea (“ROK”)). These new regulations will allow UK based organisations to...more
A new legal mechanism to allow for transfers of personal data between the EU and the U.S. is now advancing after an October 7th, 2022 Executive Order was issued by U.S. President Biden (the “Executive Order”). The new...more
SEC Chair Gensler Indicates Commission is Looking to Update SEC’s Regulation S-P - On September 28, 2022, Securities and Exchange Commission (“SEC” or the “Commission”) Chairman Gary Gensler appeared via video at the...more
Companies transferring personal data out of the EU or UK are reminded of key deadlines approaching for the contracts that govern these transfers. When the European Commission adopted the new Standard Contractual Clauses...more
The UK government has recently published proposals to amend UK data protection legislation with moves towards divergence from EU rules and regulation following the UK’s decision to leave the EU (“Brexit”). The Data Protection...more
By the end of 2023, privacy laws will protect the personal information of 75 percent of the world’s population, and with the rise of cybercrime across the globe, data protection is top of mind for organizations that manage...more
The new mechanisms, which are likely to pass Parliament, will become effective on March 21, 2022 and will require businesses and organizations to review existing and new contracts. The Information Commissioner’s Office...more
With the UK unambiguously out of the EU, this fourth and final installment of our Data & Brexit Digest explores the topic of appointed representatives under Article 27. What is an Article 27 representative? The...more
With the UK now unambiguously out of the EU, the EU General Data Protection Regulation (2016/679) (“EU GDPR”) has been replaced by the United Kingdom General Data Protection Regulation (“UK GDPR”). In this third instalment of...more
This second instalment of our Brexit & Data Digest outlines the main sources of data protection law in the UK following the end of the Brexit transition period, and how the EU GDPR may continue to have relevance for companies...more
With the end of the Brexit transition period around the corner, companies doing business in the EU and UK must prepare for data protection change – and not only international data transfers. Our Privacy & Data Security Team...more
With all that has happened this year, most of us can’t wait until 2020 is in the rear view mirror. The end of 2020, however, marks the end of the transition period provided, post-Brexit, to allow time for UK businesses and...more