Earlier this year, the U.S. Department of Housing and Urban Development (“HUD”) released an unannounced and immediately effective Cyber Incident Reporting Requirement (the “Original Requirements”) in Mortgagee Letter 2024-10, which…
Our top five European data protection developments from July are: EU AI guidance: Businesses should consider reviewing their AI policies and practices following guidance from the French CNIL and the…
Debevoise’s Data Strategy and Security group recently assisted four leading trade associations that represent the financial services industry in preparing a joint comment letter in response to the Cybersecurity and…
Key takeaways from April include: UK FCA’s AI regulation: UK FCA-regulated firms should take note of the FCA’s newly confirmed approach to AI regulation that seeks to be outcome-focused, principle-led,…
With the EU Digital Operational Resilience Act (“DORA”) implementation deadline set for January 2025, many financial services firms are spending 2024 preparing for the new regime. Amongst many operational resilience…
On April 22, 2024, Luke Dembosky, Erez Liebermann, HJ Brehmer, and Stephanie Thomas from our Data Strategy and Security Group hosted the next installment of our Data Security Webcast, where…
Adding to the growing number of cybersecurity incident reporting obligations, the Cybersecurity and Infrastructure Security Agency (“CISA”) has introduced a reporting requirement that will impact all critical infrastructure sectors, featuring…
On March 15, 2024, Erez Liebermann, Caroline Swett, Robert Maddox, and Stephanie Thomas from our Data Strategy and Security and Banking Groups hosted the next installment of our Data Security…
On February 28, 2024, President Biden issued an Executive Order (the “Order”) designed to protect the “sensitive personal data” of Americans from “exploitation” by “countries of concern” or related “covered…
Key takeaways from November include: AI Regulation: Businesses utilizing AI in the EU, particularly those in healthcare and generative AI, should keep in mind that European authorities and regulators continue…