As we approach the end of the year, here are the Top 10 Privacy posts on the Debevoise Data Blog in 2023 by page views. If you are not already a Blog subscriber, click here to sign up. 1. California Privacy Protection Agency Begins CCPA Rulemaking for Cybersecurity Audits (September 20, 2023) In September 2023, staff at the California Privacy…

On 8 December 2023, after months of negotiations, the European Commission, the European Parliament and the European Council reached political agreement on the terms of the European Union Artificial Intelligence Act (the “EU AI Act” or the “Act”). We previously covered the EU legislative process behind the Act here. Importantly, the final text of the Act is not yet available,…

On Wednesday, December 13, 2023, Avi Gesser, Charu Chandrasekhar, and Michelle Huang from the Data Strategy and Security Group, and Kevin Schmidt in our Mergers & Acquisitions Group, discussed how PE firms are using AI and ways to identify and mitigate AI-related risks. Key takeaways from the discussion included answers to the following questions: How are PE firms currently using AI?…

On Thursday, January 18, 10:00-10:45 AM (ET), Erez Liebermann will speak at Incident Response Forum Ransomware 2024 on a virtual panel entitled “Ransomware Attacks: The SEC, NYDFS and Other Regulatory Trends.” To learn more about the conference please click here. To register for free, please click here and use the code DEBEVOISE118. Incident Response Forum Ransomware 2024 is a unique, one-day conference that…

On December 1, 2023 partners from our Data Strategy & Security, Securities Enforcement, and Capital Markets practices discussed practice tips to implement the SEC’s new cybersecurity rules.  Receive the full conversation on-demand HERE. For more information about the SEC cybersecurity rule, see our Debevoise Data Blog posts: SEC Adopts New Cybersecurity Rules for Issuers SEC Adopts New Cybersecurity Rules for…

On December 4, 2023, the Debevoise Data Strategy and Security Group released the inaugural edition of its Cybersecurity Desk Guide for Counsel.  The Desk Guide is a reference resource for counsel, in any size of organization, covering the many facets in which legal departments could engage with cybersecurity functions. The rapid rise of cybersecurity is a key business priority for…

As legislators and regulators around the world are trying to determine how to approach the novel risks and opportunities that AI technologies present, the draft European Union Artificial Intelligence Act (the “EU AI Act” or the “Act”) is a highly anticipated step towards the future of AI regulation. Despite recent challenges in the EU “trilogue negotiations”, proponents still hope to…

Key takeaways from October include: Employee monitoring: Following new guidance issued by the UK ICO, employers may want to review their existing employee monitoring to ensure it meets the regulator’s latest expectations, including ensuring that any monitoring is necessary, proportionate, and conducted transparently. Data protection & AI: In particular: (i) the French CNIL published its first set of guidance on…

On November 16, 2023, the Committee on Professional Responsibility and Conduct for the State Bar of California (“COPRAC”) provided initial recommendations regarding use of generative AI by lawyers (the “Guidance”). The Guidance uses the existing Rules of Professional Conduct as a framework, but recognizes that generative AI is a rapidly evolving technology that might necessitate new regulation and rules in…