President Trump issued an Executive Order on June 6, 2025, that sheds light on the Administration’s approach to cybersecurity and AI by highlighting foreign threats to U.S. cybersecurity, emphasizing federal…
In Part 1 of this series, we discussed the annual cybersecurity audit requirements in the California Privacy Protection Agency (the “CPPA”)’s proposed rulemaking package (the “Draft Regulations”). In Part 2,…
Our top-five European data protection developments from February are: European Commission publishes guidelines on prohibited AI practices: The EU Commission has published non-binding guidance on the EU AI Act’s prohibited…
Our top five European data protection developments from January are: UK ransomware reporting proposals. The UK Government released a consultation on ransomware related legislative proposals, including possible reporting obligations and…
In Part 1 of this series, we discussed the annual cybersecurity audit requirements in the proposed rulemaking package (the “Draft Regulations”) of the California Privacy Protection Agency (the “CPPA”). In…
On January 28, 2025, FINRA released its 2025 FINRA Annual Regulatory Oversight Report (the “Report”). As was the case in 2024, the Report highlights continuing and emerging trends in artificial…
The first wave of the EU AI Act’s requirements came into force on 2 February 2025, namely: Prohibited AI: the ban on the use and distribution of prohibited AI systems,…
DOJ Issues Landmark Rules on Sensitive Data On December 27, 2024, the U.S. Department of Justice (“DOJ”) issued the “Final Rule on Preventing Access to Sensitive Data,” creating a comprehensive…
On September 21, 2023, the Colorado Division of Insurance (the “Division”) released Regulation 10-1-1, Governance and Risk Management Framework Requirements for Life Insurers’ Use of External Consumer Data and Information…
As we approach the end of the year, here are the Top 10 Cybersecurity posts on the Debevoise Data Blog in 2024 by page views. If you are not already…