Deepfakes have become one of the most well-discussed risks of the generative AI era. A common news headline topic, they are also attracting increasing regulatory attention. There are several new…
Debevoise & Plimpton LLP announced the launch of STAAR 2.0, an enhanced version of its award-winning[1] client-facing AI platform designed to help in-house legal and compliance teams evaluate, govern, and…
The cyber threat landscape in 2025 was varied with greater ebbs and flows in threat actor activity than in previous years. After a relatively quiet first half, cyberattacks ramped up…
As we approach the end of the year, here are the top 5 privacy posts on the Debevoise Data Blog in 2025. Takeaways for Large Firms from the SEC’s Reg…
Why Agentic AI Often Fails and the Enduring Value of Human Judgment (11/4/2025) We’ve been doing a lot of work recently on agentic AI workflows. In this post, we share…
This summer, the UK enacted the long-anticipated Data (Use and Access) Act 2025 (“DUAA”), the first major amendments to the UK’s data protection legislation since Brexit. The changes include substantial…
The EU Data Act (or the “Act”) is a new regulation that establishes rules on who can access and use data generated by connected devices and related services – data…
On 2 August 2025, the second wave of requirements under the EU AI Act (the “Act”) entered into force, following the first implementation phase six months ago. This latest set…
Ahead of the EU AI Act’s (the “Act”) General Purpose AI (“GPAI”) model requirements coming into force on 2 August 2025, EU authorities have released further guidance and Codes of…
The insurance industry has been an early adopter of AI systems, which are reshaping how insurers assess risk, underwrite policies, detect fraud, engage with customers, and conduct their internal business…