On November 10, 2021, Avi Gesser and Anna Gressel from Debevoise’s Data Strategy and Security Group shared their insights as part of a World Bank panel on FinTech and Racial Equity, moderated by Kiril Nejkov of the International Finance Corporation. Avi and Anna, along with co-panelists Kareem Saleh of Fairplay AI and Tatiana Campello of Demarest, highlighted how artificial intelligence…

The Data Strategy and Security team at Debevoise & Plimpton LLP has authored the 2022 edition of the Privacy Law Answer Book (Practising Law Institute, 2021), a user-friendly guide to the laws and regulations that govern how companies collect, use, store and transfer the personal information of their consumers and employees. Edited by Debevoise partners Jeremy Feigelson, Jim Pastore, and…

Please join Anna Gressel and Jim Pastore from Debevoise’s Data Strategy and Security and Commercial Litigation Groups on December 6-7, 2021 for the third edition of the “The Athens Roundtable on Artificial Intelligence and the Rule of Law,” the premier international, multi-stakeholder gathering on artificial intelligence, legal systems, and functions, regulatory compliance, and the rule of law. On December 7 at…

The inter-agency crypto-asset policy sprint initiative has finally taken off. This morning the Federal Reserve Board, the Federal Deposit Insurance Corporation and the Office of the Comptroller of the Currency (collectively, “the Agencies”) issued their first joint statement (the “Statement”) summarizing progress on a series of crypto-asset[1] policy sprints and revealing next steps. The Statement is a continuation of an…

On November 18, 2021, federal banking regulators published a Final Rule that imposes new notification requirements on banking organizations for certain cybersecurity incidents. Most significantly, the Final Rule requires that banking organizations notify their primary federal regulator within 36 hours after experiencing a material or potentially material cybersecurity event. The Final Rule will go into effect on April 1, 2022,…

On November 15, 2021, President Biden signed the Infrastructure Investment and Jobs Act into law, authorizing $1.2 trillion for infrastructure spending, including approximately $2 billion for various federal cybersecurity projects. This adds to a large number of cybersecurity bills that are currently pending before Congress. In this Debevoise Data Blog post, we outline the key themes and takeaways of these…

On October 27, 2021, the Federal Trade Commission (the “FTC”) announced significant updates to the Standards for Safeguarding Customer Information (the “Safeguards Rule” or “Amended Rule”).  This rule, promulgated pursuant to the Gramm-Leach-Bliley Act, is designed to protect the consumer data collected by non-bank financial institutions, such as mortgage lenders and brokers, “pay day” lenders, and automobile dealerships, among many…

Overview In a much anticipated decision, the UK Supreme Court has unanimously decided that a mass claim brought against Google by Mr Richard Lloyd, on behalf of a class that could include as many as 4.4 million iPhone users (the “iPhone Users”), cannot proceed, as currently constituted, as a ‘representative action’ in the English courts. The decision is the latest…

International companies doing business in China and Chinese companies doing business internationally have been awaiting clarification on the rules of the road governing the cross-border transfer of data out of China.  On October 29, 2021, the Cyberspace Administration of China (“CAC”) released long-awaited Draft Measures on Outbound Data Transfer Security Assessments (the “Draft Measures”) for public comment.  The Draft Measures,…

As financial institutions increasingly deploy artificial intelligence (“AI”), including machine learning and automated decision-making technologies, across their business lines, U.S. federal regulators have started to scrutinize the consumer protection implications of these technologies. Most recently, the Department of Justice (“DOJ”), in partnership with the Consumer Financial Protection Bureau (“CFPB”) and the Office of the Comptroller of the Currency (“OCC”), announced…