On 10 November 2022, the European Parliament approved the second network and information systems directive (“NIS2”). Once approved by the Council of the European Union, NIS2 will expand the applicability…
On 28 November 2022, the European Union finalised the EU Digital Operational Resilience Act (“DORA”). Following a two year implementation period, DORA will impose far-reaching operational resilience requirements and management…
Key takeaways this October include: Facial Recognition: Businesses face continued challenges in establishing GDPR-compliant facial recognition technology, including those with no presence in the EEA, after the French CNIL fined…
On 24 October 2022, the UK Information Commissioner’s Office (“ICO”) fined Interserve Group Limited £4.4 million for failing to implement appropriate technical and organisational measures to safeguard 113,000 individuals’ personal…
On September 28, 2022, the European Commission released a proposal to change the legal landscape for companies developing and implementing artificial intelligence in EU Member States. This AI Liability Directive…
On October 7, 2022, U.S. President Biden signed Executive Order 14086 on Enhancing Safeguards for United States Signals Intelligence Activities (the “Order”). The administrative Order creates new protections applicable to…
European Data Protection Roundup – September 2022 Key takeaways this September include: Google Analytics: Continue to assess carefully the use of Google Analytics. The Danish Data Protection Agency became the…
One of the most difficult challenges for cybersecurity professionals is the increasing complexity of corporate systems. Mergers, vendor integrations, new software tools and remote work all expand the footprint of…
What happened? In the wake of the Court of Justice of the European Union’s decision in Schrems II (covered here and here) and Brexit, the EU and UK respectively updated…