On Tuesday, June 13, 11:00-11:30 AM (EDT)  Debevoise & Plimpton is hosting the 66th installment in our Insurance Webcast Series: The Revised Colorado AI Insurance Regulations – What Got Fixed and What Still Needs Fixing. Eric Dinallo of the Insurance Regulatory Group and Avi Gesser and Stephanie Thomas of the Data Strategy & Security Group will discuss the revised regulations…

On Thursday, June 22 at 10:25 AM (EDT), Erez Liebermann will speak on a panel entitled Policies and priorities to strengthen resilience at the Financial Times Cyber Resilience Summit: Technology policies, legislative frameworks and digital diplomacy are at the forefront of efforts to build cyber resilience. Government agencies and regulatory bodies are under constant pressure to refine priorities and initiatives,…

Privacy and Data Protection, a leading UK journal on practical data protection compliance issues, has featured in its latest edition an article by Robert Maddox and Stephanie Thomas on the hallmarks of effective data protection by design and default under the EU and UK GDPR.  The article encourages organisations to consider incorporating principles of data protection by design and default…

Big businesses, especially those with a global footprint and operating in regulated sectors, are increasingly confronted with new and diverging cyber incident reporting requirements. A single incident—even a relatively minor one—may require notification to dozens of data protection, cyber, law enforcement, and sectoral regulators around the world, in addition to insurers, customers, and counterparties. Not only do many regulatory reporting…

On May 26, 2023, the Colorado Division of Insurance (the “DOI”) released its Revised Draft Algorithm and Predictive Model Governance Regulation (the “Revised Regulation”), amending its initial draft regulation (the “Initial Regulation”), which was released on February 1, 2023. The Revised Regulation imposes requirements on Colorado-licensed life insurance companies that use external consumer data and information sources (“ECDIS”), as well…

The IAPP’s “Profiles in Privacy” series features a monthly conversation with a notable privacy professional to discuss their journey in privacy, challenges and lessons learned along the way. IAPP’s Jennifer Bryant interviewed Matt Kelly on topics from changes in practice technology over the course of his legal career, to the importance of mentorship and professional relationships, to the reasons he…

On May 18, 2023 Debevoise & Plimpton hosted the Second Annual Cyber Counsel Conference. Peers on cyber legal teams gathered for a day of candid conversation, exclusive guests and lots of opportunities for networking. This year’s program brought together speakers from in-house, regulatory agencies and law enforcement: Eric Goldstein, the Deputy Director of CISA, opened the conference with a keynote…

Avi Gesser, Co-Chair of the Data Strategy & Security group spoke with host Tony Lee on SHRM’s All Things Work podcast, about where AI tools excel and where they falter when used by workers. Listen to the podcast HERE. — SHRM published an accompanying article quoting Avi, entitled “The Promise and Peril of Artificial Intelligence,” about how employers and employees…

Tracey Read at Law360 Pulse interviewed Avi Gesser, partner in the Data Strategy & Security group, on the growth of Generative AI practices at law firms. The article recognizes the Debevoise Data Strategy & Security group as one of the first movers in the space, when “[i]n early 2020 Debevoise & Plimpton LLP rebranded its cyber privacy practice — which…

On Tuesday, May 16th, 2023, Andrew Bab of the Mergers & Acquisitions and Private Equity Groups and Co-Chair of the Healthcare & Life Sciences Group, Avi Gesser of the Data Strategy & Security Group, Paul Rubin, Co-Chair of the Healthcare & Life Sciences Group and the Chair of the FDA Regulatory practice and Melissa Runsten, a corporate associate published an…