The Debevoise AI practice has been profiled in The American Lawyer. The article discusses how the firm has recently invested in its AI practice, as it did years ago in our cybersecurity practice, and positioned the Data Strategy & Security group, and other practices at the firm, at the cutting edge of advising clients on the next generation of data…

Risk assessments are a critical component of a robust cybersecurity program. To benchmark their risk assessments and cybersecurity maturity reviews, companies often look to recognized industry standards such as the National Institute of Standards and Technology Cybersecurity Framework (“NIST CSF” or “the Framework”). In this Debevoise Data Blog post, we discuss proposed changes to the Framework and offer takeaways for…

On Tuesday, February 21st, Avi Gesser, Sam Allaman and Melissa Muse from our Data Strategy and Security Group hosted for a conversation between ChatGPT and ChatGPT on how lawyers are using ChatGPT, as well as its risks and benefits to the legal industry. The webcast included: A demonstration of ChatGPT’s ability to draft legal documents. The use of other AI…

Key takeaways from December and January include: Cookies: Businesses should consider reviewing their cookie compliance following major CNIL fines against Microsoft (€60 million) and TikTok (€5 million) calling for companies to ensure user consent is paramount and that refusing cookies is as easy as accepting them; More on cookies: Websites are advised to implement user-friendly cookie consent mechanisms such as…

On February 1, 2023, the Colorado Division of Insurance (“DOI”) released its draft Algorithm and Predicative Model Governance Regulation (the “Draft AI Regulation”). The Draft AI Regulation imposes requirements on Colorado-licensed life insurance companies that use external data and AI systems in insurance practices. This release follows months of highly active engagement between the DOI and industry stakeholders, resulting in…

On Monday, February 13, 2023, Eric Dinallo and Marshal Bozzo of the firm’s Insurance Regulatory Group and Avi Gesser, Erez Liebermann and Anna Gressel of the Data Strategy and Security Group discussed the latest developments on AI insurance regulation in Colorado. This was the latest installment in Debevoise’s series of webcasts focused on developments affecting the insurance industry; it covered the following: Key…

ChatGPT is an AI language model developed by OpenAI that was released to the public in November 2022 and already has millions of users. While most people were initially using the publicly available version of ChatGPT for personal tasks (e.g., generating recipes, poems, workout routines, etc.), many have started to use it for work-related projects. In this Debevoise Data Blog…

On Tuesday, February 7th, 2023, Erez Liebermann hosted Vladimir Drinkman for a conversation about the hacks, the prosecution and Drinkman’s role now as he looks to help companies facing today’s cyber threats.  Vladimir Drinkman participated in the largest credit and debit card hacking to date. He was arrested in Amsterdam and served time after receiving a 12 year sentence. Drinkman…

On February 1, 2023, the Colorado Attorney General (“COAG”) held a public hearing as part of its rulemaking process for the Colorado Privacy Act (“ColoPA”). Ahead of the hearing, the COAG released its third draft of proposed rules (“proposed rules”) for the ColoPA. Here in Part 2 of our 2023 U.S. State Privacy Laws series, we review key components of…

Last year, yet again, saw significant GDPR enforcement actions, important regulatory guidance, and an abundance of European legislative activity touching on cyber, data protection and AI-regulatory issues. Here, we unpack five trends which defined 2022 and signal areas to watch in 2023: Increased AI regulation; Prioritization of operational resilience; Focus on children’s privacy; Continued complication in data transfers out of…