Robert Maddox – Page 2 – Debevoise Data Blog

Artificial Intelligence

Legal Risks of Using AI Voice Analytics for Customer Service

By: Avi Gesser, Johanna Skrzypczyk, Robert Maddox, Anna Gressel, Martha Hirst and Kyle Kysela January 10, 2023

There is a growing trend among customer-facing businesses towards using artificial intelligence (“AI”) to analyze voice data on customer calls. Companies are using these tools for various purposes including identity…

EU

European Data Protection Roundup – November

By: Robert Maddox, Friedrich Popp, Fanny Gauthier, Stephanie Thomas and Tristan Lockwood December 13, 2022

Key takeaways this November include: EU Digital Operation Resilience Act: Financial services firms – including banks, insurers and private equity firms – should start assessing what they will need to…

Critical Infrastructure

NIS2: Revised EU Cyber Rules for Critical Infrastructure

By: Robert Maddox and Tristan Lockwood November 28, 2022

On 10 November 2022, the European Parliament approved the second network and information systems directive (“NIS2”). Once approved by the Council of the European Union, NIS2 will expand the applicability…

Consent

What the GDPR Can Tell Us About State Privacy Laws

By: Johanna Skrzypczyk, Robert Maddox and Martha Hirst November 22, 2022

The EU’s General Data Protection Regulation 2016 (the “GDPR”) changed the global privacy landscape, and has been called the “gold standard” for data protection regulation. Recently, a number of U.S.…

EU

The EU Digital Operational Resilience Act (DORA): What you need to know and how to prepare

By: Robert Maddox, Stephanie Thomas and Tristan Lockwood November 21, 2022

On 28 November 2022, the European Union finalised the EU Digital Operational Resilience Act (“DORA”). Following a two year implementation period, DORA will impose far-reaching operational resilience requirements and management…

Enforcement

European Data Protection Roundup – October

By: Erez Liebermann, Robert Maddox, Friedrich Popp, Fanny Gauthier, Stephanie Thomas, Tristan Lockwood and Melissa Muse November 2, 2022

Key takeaways this October include: Facial Recognition: Businesses face continued challenges in establishing GDPR-compliant facial recognition technology, including those with no presence in the EEA, after the French CNIL fined…

Cybersecurity

GDPR Technical and Organisational Measures: Lessons from the UK ICO’s £4.4m Data Breach Penalty

By: Erez Liebermann, Robert Maddox, Stephanie Thomas and Tristan Lockwood October 27, 2022

On 24 October 2022, the UK Information Commissioner’s Office (“ICO”) fined Interserve Group Limited £4.4 million for failing to implement appropriate technical and organisational measures to safeguard 113,000 individuals’ personal…

Artificial Intelligence

The EU AI Liability Directive Will Change Artificial Intelligence Legal Risks

By: Avi Gesser, Robert Maddox, Anna Gressel, Frank Colleluori, Tristan Lockwood and Michael Pizzi October 24, 2022

On September 28, 2022, the European Commission released a proposal to change the legal landscape for companies developing and implementing artificial intelligence in EU Member States. This AI Liability Directive…

Data Transfers

Privacy Shield 2.0: Biden’s Executive Order May Pave the Way for a New EU-U.S. Data Transfer Framework

By: Robert Maddox, Friedrich Popp, Tristan Lockwood, Melissa Muse and Mengyi Xu October 17, 2022

On October 7, 2022, U.S. President Biden signed Executive Order 14086 on Enhancing Safeguards for United States Signals Intelligence Activities (the “Order”). The administrative Order creates new protections applicable to…

Enforcement

European Data Protection Roundup – September

By: Luke Dembosky, Avi Gesser, Erez Liebermann, Robert Maddox, Friedrich Popp, Fanny Gauthier, Stephanie Thomas, Tristan Lockwood and Melissa Muse October 10, 2022

European Data Protection Roundup – September 2022 Key takeaways this September include: Google Analytics: Continue to assess carefully the use of Google Analytics. The Danish Data Protection Agency became the…