Robert Maddox – Debevoise Data Blog

GDPR

European Data Protection Roundup – February

By: Robert Maddox, Friedrich Popp, Fanny Gauthier, Aisling Cowell, Stephanie Thomas, Tristan Lockwood, Maria Epishkina, Sophie Michalski, Alexandre Pous and Maria Santos March 27, 2023

Key takeaways from this February include: Enforcement: Businesses that use third party data to conduct marketing should review the lawful basis on which each party relies to collect and process…

EU

The Drawdown: EU Digital Operational Resilience Act – A Paradigm Shift

By: Robert Maddox and Tristan Lockwood March 22, 2023

In a new piece for The Drawdown magazine, Robert Maddox and Tristan Lockwood in our London office explore how the EU’s Digital Operational Resilience Act (“DORA”) is likely to be a…

Privacy

Privacy by Design: Insights from the UK ICO’s Product Design Forum

By: Robert Maddox, Stephanie Thomas, Maria Epishkina and Maria Santos March 8, 2023

On 23 February 2023, the UK ICO hosted its latest privacy forum in a series aimed at helping product designers and managers incorporate “privacy by design” or “data protection by…

Enforcement

European Data Protection Roundup – December 2022 and January 2023

By: Robert Maddox, Friedrich Popp, Fanny Gauthier, Stephanie Thomas, Tristan Lockwood, Melissa Muse, Anya Allen, Emily Morgan, Alexandre Pous and Maria Santos February 20, 2023

Key takeaways from December and January include: Cookies: Businesses should consider reviewing their cookie compliance following major CNIL fines against Microsoft (€60 million) and TikTok (€5 million) calling for companies…

EU

European Roundup – 2022’s Top Trends Signal Regulatory Direction for 2023

By: Robert Maddox, Friedrich Popp, Fanny Gauthier, Stephanie Thomas and Tristan Lockwood January 30, 2023

Last year, yet again, saw significant GDPR enforcement actions, important regulatory guidance, and an abundance of European legislative activity touching on cyber, data protection and AI-regulatory issues. Here, we unpack…

Artificial Intelligence

Legal Risks of Using AI Voice Analytics for Customer Service

By: Avi Gesser, Johanna Skrzypczyk, Robert Maddox, Anna Gressel, Martha Hirst and Kyle Kysela January 10, 2023

There is a growing trend among customer-facing businesses towards using artificial intelligence (“AI”) to analyze voice data on customer calls. Companies are using these tools for various purposes including identity…

EU

European Data Protection Roundup – November

By: Robert Maddox, Friedrich Popp, Fanny Gauthier, Stephanie Thomas and Tristan Lockwood December 13, 2022

Key takeaways this November include: EU Digital Operation Resilience Act: Financial services firms – including banks, insurers and private equity firms – should start assessing what they will need to…

Critical Infrastructure

NIS2: Revised EU Cyber Rules for Critical Infrastructure

By: Robert Maddox and Tristan Lockwood November 28, 2022

On 10 November 2022, the European Parliament approved the second network and information systems directive (“NIS2”). Once approved by the Council of the European Union, NIS2 will expand the applicability…

Consent

What the GDPR Can Tell Us About State Privacy Laws

By: Johanna Skrzypczyk, Robert Maddox and Martha Hirst November 22, 2022

The EU’s General Data Protection Regulation 2016 (the “GDPR”) changed the global privacy landscape, and has been called the “gold standard” for data protection regulation. Recently, a number of U.S.…

EU

The EU Digital Operational Resilience Act (DORA): What you need to know and how to prepare

By: Robert Maddox, Stephanie Thomas and Tristan Lockwood November 21, 2022

On 28 November 2022, the European Union finalised the EU Digital Operational Resilience Act (“DORA”). Following a two year implementation period, DORA will impose far-reaching operational resilience requirements and management…