Tristan Lockwood – Page 2 – Debevoise Data Blog

GDPR

European Data Protection Roundup – February

By: Robert Maddox, Friedrich Popp, Fanny Gauthier, Aisling Cowell, Stephanie Thomas, Tristan Lockwood, Maria Epishkina, Sophie Michalski, Alexandre Pous and Maria Santos March 27, 2023

Key takeaways from this February include: Enforcement: Businesses that use third party data to conduct marketing should review the lawful basis on which each party relies to collect and process…

EU

The Drawdown: EU Digital Operational Resilience Act – A Paradigm Shift

By: Robert Maddox and Tristan Lockwood March 22, 2023

In a new piece for The Drawdown magazine, Robert Maddox and Tristan Lockwood in our London office explore how the EU’s Digital Operational Resilience Act (“DORA”) is likely to be a…

Enforcement

European Data Protection Roundup – December 2022 and January 2023

By: Robert Maddox, Friedrich Popp, Fanny Gauthier, Stephanie Thomas, Tristan Lockwood, Melissa Muse, Anya Allen, Emily Morgan, Alexandre Pous and Maria Santos February 20, 2023

Key takeaways from December and January include: Cookies: Businesses should consider reviewing their cookie compliance following major CNIL fines against Microsoft (€60 million) and TikTok (€5 million) calling for companies…

EU

European Roundup – 2022’s Top Trends Signal Regulatory Direction for 2023

By: Robert Maddox, Friedrich Popp, Fanny Gauthier, Stephanie Thomas and Tristan Lockwood January 30, 2023

Last year, yet again, saw significant GDPR enforcement actions, important regulatory guidance, and an abundance of European legislative activity touching on cyber, data protection and AI-regulatory issues. Here, we unpack…

EU

European Data Protection Roundup – November

By: Robert Maddox, Friedrich Popp, Fanny Gauthier, Stephanie Thomas and Tristan Lockwood December 13, 2022

Key takeaways this November include: EU Digital Operation Resilience Act: Financial services firms – including banks, insurers and private equity firms – should start assessing what they will need to…

Critical Infrastructure

NIS2: Revised EU Cyber Rules for Critical Infrastructure

By: Robert Maddox and Tristan Lockwood November 28, 2022

On 10 November 2022, the European Parliament approved the second network and information systems directive (“NIS2”). Once approved by the Council of the European Union, NIS2 will expand the applicability…

EU

The EU Digital Operational Resilience Act (DORA): What you need to know and how to prepare

By: Robert Maddox, Stephanie Thomas and Tristan Lockwood November 21, 2022

On 28 November 2022, the European Union finalised the EU Digital Operational Resilience Act (“DORA”). Following a two year implementation period, DORA will impose far-reaching operational resilience requirements and management…

Enforcement

European Data Protection Roundup – October

By: Erez Liebermann, Robert Maddox, Friedrich Popp, Fanny Gauthier, Stephanie Thomas, Tristan Lockwood and Melissa Muse November 2, 2022

Key takeaways this October include: Facial Recognition: Businesses face continued challenges in establishing GDPR-compliant facial recognition technology, including those with no presence in the EEA, after the French CNIL fined…

Cybersecurity

GDPR Technical and Organisational Measures: Lessons from the UK ICO’s £4.4m Data Breach Penalty

By: Erez Liebermann, Robert Maddox, Stephanie Thomas and Tristan Lockwood October 27, 2022

On 24 October 2022, the UK Information Commissioner’s Office (“ICO”) fined Interserve Group Limited £4.4 million for failing to implement appropriate technical and organisational measures to safeguard 113,000 individuals’ personal…

Artificial Intelligence

The EU AI Liability Directive Will Change Artificial Intelligence Legal Risks

By: Avi Gesser, Robert Maddox, Anna Gressel, Frank Colleluori, Tristan Lockwood and Michael Pizzi October 24, 2022

On September 28, 2022, the European Commission released a proposal to change the legal landscape for companies developing and implementing artificial intelligence in EU Member States. This AI Liability Directive…