Jane Shvets – Debevoise Data Blog

Artificial Intelligence

DOJ Updates Guidance on Corporate Compliance Programs to Include AI Risk Management

By: Helen V. Cantwell, Avi Gesser, Andrew M. Levine, David A. O'Neil, Winston M. Paes, Jane Shvets, Douglas Zolkind and Erich O. Grosz September 25, 2024

On September 23, 2024, the U.S. Department of Justice updated its guidance to federal prosecutors related to the “Evaluation of Corporate Compliance Programs” (the “ECCP”).[1] This revision, the first since…

Artificial Intelligence

DOJ Announces Initiative to Combat AI-Assisted Crime

By: Helen V. Cantwell, Andrew J. Ceresney, Avi Gesser, Andrew M. Levine, David A. O'Neil, Winston M. Paes, Jane Shvets, Bruce Yannett and Douglas Zolkind February 16, 2024

On February 14, 2024, Deputy Attorney General Lisa O. Monaco announced an initiative within the U.S. Department of Justice to ramp up the detection and prosecution of crimes perpetrated through…

Data Transfers

Russian Data Protection Updates: Key Points for International Businesses

By: Alan Kartashkin, Jane Shvets, Konstantin Bureiko and Robert Maddox September 12, 2022

Russia has enacted amendments to its Personal Data Law (the “Amendments”) that may have a significant impact on companies operating in Russia. The Amendments became effective on September 1, 2022, save…

Regulation

New Requirements for Localisation of Major Internet Companies in Russia

By: Jeremy Feigelson, Avi Gesser, Jane Shvets, Anna Maximenko, Nikolay Kiselev and Elena Klutchareva August 19, 2021

On 1 July 2021,[1] Federal Law No. 236-FZ on the Internet Activities of Foreign Entities in the Russian Federation (the “Law”)[2] came into force, requiring establishment of local presence, such…

Consent

Russia Introduces New Requirements for Processing of Publicly Disclosed Personal Data

By: Jane Shvets, Jeremy Feigelson, Anna Maximenko, Elena Klutchareva and Nikolay Kiselev April 19, 2021

On 1 March 2021, Federal Law No. 519-FZ on Amendments to the Federal Law on Personal Data dated 30 December 2020 (the “Law”) came into force. The Law places additional…

Data Transfers

SEC Information Requests: UK Privacy Regulator Clarifies Position

By: Karolos Seeger, Jane Shvets, Charu A. Chandrasekhar, Robert Maddox, Andrew Lee and Martha Hirst February 8, 2021

On 19 January 2021, the UK Information Commissioner’s Office (the “ICO”) published its September 2020 letter to the Securities and Exchange Commission (the “SEC”) analysing the GDPR’s impact on UK-based…

GDPR

ICO Fines Marriott £18.4m for Perceived Data Security Failings: Five Insights for Companies

By: Jeremy Feigelson, Jane Shvets, Robert Maddox and Christopher Garrett November 2, 2020

Hot on the heels of British Airways’ £20m fine (covered here), the UK Information Commissioner’s Office has fined Marriott £18.4m for alleged data security failings linked to the breach of…

GDPR

ICO issues £20m fine to British Airways

By: Jeremy Feigelson, Luke Dembosky, Jane Shvets, Christopher Garrett, Robert Maddox, Martha Hirst and Friedrich Popp October 20, 2020

In a long-awaited final decision, the UK Information Commissioner’s Office (the “ICO”) has issued a fine of £20m to British Airways (“BA”) following a data breach that took place in…

Announcement

The Debevoise Data Strategy & Security Practice Announces the Launch of Its Data Blog and Data Portal

By: Jeffrey P. Cunard, Luke Dembosky, Jeremy Feigelson, Avi Gesser, Jim Pastore, Jane Shvets and Lisa Zornberg June 8, 2020

Today, Debevoise’s Data Strategy & Security practice (DSS) is launching a Data Blog to help clients identify and respond to emerging issues, and a Debevoise Data Portal to help clients facing a breach…