As the European Union edges ever-closer to formally enacting the EU AI Act, attention is turning to how other jurisdictions will approach AI regulation. In the UK, individual regulators will…
Key takeaways from April include: UK FCA’s AI regulation: UK FCA-regulated firms should take note of the FCA’s newly confirmed approach to AI regulation that seeks to be outcome-focused, principle-led,…
With the EU Digital Operational Resilience Act (“DORA”) implementation deadline set for January 2025, many financial services firms are spending 2024 preparing for the new regime. Amongst many operational resilience…
Key takeaways from March include: CNIL data security practice guide: The French DPA published an update of its data security practice guide for data protection officers, chief information security officers,…
On March 15, 2024, Erez Liebermann, Caroline Swett, Robert Maddox, and Stephanie Thomas from our Data Strategy and Security and Banking Groups hosted the next installment of our Data Security…
Key takeaways from January include: Transparency about data processing and retention: In a reminder of the importance of transparency under the GDPR, and the need for companies to make their…
Almost a year after it initially published its White Paper on AI Regulation (the “AI White Paper”) and launched its associated consultation, the UK government has published its consultation response…
In 2022, the UK ICO published the International Data Transfer Agreement (“IDTA”) and the International Data Transfer Addendum to the European Commission’s Standard Contractual Clauses (“the Addendum”). In short, the…
Key takeaways from December include: Concept of non-material damage under GDPR: In an expansive reading of the right to compensation under GDPR, a data subject’s fear that their personal data…
Key takeaways from November include: AI Regulation: Businesses utilizing AI in the EU, particularly those in healthcare and generative AI, should keep in mind that European authorities and regulators continue…