We recently provided a quick guide on the comparative capabilities of the various models currently available through GPT Enterprise based on our experience as lawyers using these models and OpenAI’s own recommendations. Below is an update to that guide based on our use of the new GPT-5 models since they became available to us on August 7, 2025. Again, this…

Overview Companies responding to data breaches are faced with the question of whether their incident response investigation is protected by attorney-client privilege or attorney work-product doctrine.  The issue primarily relates to whether reports generated by an incident response firm may be protected from discovery in U.S. litigation, but other communications may also be at risk in discovery if the work…

On August 20, 2025, Colorado’s Division of Insurance (the “Division”) adopted final amendments to its regulation on the Governance and Risk Management Framework Requirements for certain insurers that use external consumer data and information sources (“ECDIS”), algorithms, and predictive models that use ECDIS (“Models”) (the “Amended Regulation”). The Amended Regulation builds on the 2023 rule that directed governance, risk management,…

In a recent episode of the Afternoon Cyber Tea with Ann Johnson, Erez Liebermann, Debevoise Data Strategy and Security partner and Co-Chair of the firm’s Technology Group, joined Ann Johnson of Microsoft to discuss how legal and security teams can work as true strategic partners. He shared practical insights on aligning compliance with business priorities, building trust across functions, and…

Over the past several months, we have observed a significant increase in AI adoption among our clients. In this Debevoise Data Blog post, we provide five reasons why some businesses are accelerating their use of AI and eight factors that impact whether those efforts succeed. A. Five Reasons Why Businesses Are Accelerating AI Adoption AI Is Pretty Good Now and…