Robert Maddox – Page 3 – Debevoise Data Blog

Enforcement

European Data Protection Roundup – December 2022 and January 2023

By: Robert Maddox, Friedrich Popp, Fanny Gauthier, Stephanie Thomas, Tristan Lockwood, Melissa Muse, Anya Allen, Emily Morgan, Alexandre Pous and Maria Santos February 20, 2023

Key takeaways from December and January include: Cookies: Businesses should consider reviewing their cookie compliance following major CNIL fines against Microsoft (€60 million) and TikTok (€5 million) calling for companies…

EU

European Roundup – 2022’s Top Trends Signal Regulatory Direction for 2023

By: Robert Maddox, Friedrich Popp, Fanny Gauthier, Stephanie Thomas and Tristan Lockwood January 30, 2023

Last year, yet again, saw significant GDPR enforcement actions, important regulatory guidance, and an abundance of European legislative activity touching on cyber, data protection and AI-regulatory issues. Here, we unpack…

Artificial Intelligence

Legal Risks of Using AI Voice Analytics for Customer Service

By: Avi Gesser, Johanna Skrzypczyk, Robert Maddox, Anna Gressel, Martha Hirst and Kyle Kysela January 10, 2023

There is a growing trend among customer-facing businesses towards using artificial intelligence (“AI”) to analyze voice data on customer calls. Companies are using these tools for various purposes including identity…

EU

European Data Protection Roundup – November

By: Robert Maddox, Friedrich Popp, Fanny Gauthier, Stephanie Thomas and Tristan Lockwood December 13, 2022

Key takeaways this November include: EU Digital Operation Resilience Act: Financial services firms – including banks, insurers and private equity firms – should start assessing what they will need to…

Critical Infrastructure

NIS2: Revised EU Cyber Rules for Critical Infrastructure

By: Robert Maddox and Tristan Lockwood November 28, 2022

On 10 November 2022, the European Parliament approved the second network and information systems directive (“NIS2”). Once approved by the Council of the European Union, NIS2 will expand the applicability…

Consent

What the GDPR Can Tell Us About State Privacy Laws

By: Johanna Skrzypczyk, Robert Maddox and Martha Hirst November 22, 2022

The EU’s General Data Protection Regulation 2016 (the “GDPR”) changed the global privacy landscape, and has been called the “gold standard” for data protection regulation. Recently, a number of U.S.…

EU

The EU Digital Operational Resilience Act (DORA): What you need to know and how to prepare

By: Robert Maddox, Stephanie Thomas and Tristan Lockwood November 21, 2022

On 28 November 2022, the European Union finalised the EU Digital Operational Resilience Act (“DORA”). Following a two year implementation period, DORA will impose far-reaching operational resilience requirements and management…

Enforcement

European Data Protection Roundup – October

By: Erez Liebermann, Robert Maddox, Friedrich Popp, Fanny Gauthier, Stephanie Thomas, Tristan Lockwood and Melissa Muse November 2, 2022

Key takeaways this October include: Facial Recognition: Businesses face continued challenges in establishing GDPR-compliant facial recognition technology, including those with no presence in the EEA, after the French CNIL fined…

Cybersecurity

GDPR Technical and Organisational Measures: Lessons from the UK ICO’s £4.4m Data Breach Penalty

By: Erez Liebermann, Robert Maddox, Stephanie Thomas and Tristan Lockwood October 27, 2022

On 24 October 2022, the UK Information Commissioner’s Office (“ICO”) fined Interserve Group Limited £4.4 million for failing to implement appropriate technical and organisational measures to safeguard 113,000 individuals’ personal…

Artificial Intelligence

The EU AI Liability Directive Will Change Artificial Intelligence Legal Risks

By: Avi Gesser, Robert Maddox, Anna Gressel, Frank Colleluori, Tristan Lockwood and Michael Pizzi October 24, 2022

On September 28, 2022, the European Commission released a proposal to change the legal landscape for companies developing and implementing artificial intelligence in EU Member States. This AI Liability Directive…