On Thursday, October 31, Avi Gesser and Matt Kelly will speak at the 8th Annual Disruption and Innovation in the Delivery of Legal Services Conference 2024-25 as a part of the workshop on “How AI is Transforming the Law Firm Internally and Externally.” The speakers will address the current use of AI in law firms, discuss what new tools are…
On October 16, 2024, the New York Department of Financial Services (the “NYDFS”) issued an Industry Letter providing guidance on assessing cybersecurity risks associated with the use of AI (the “Guidance”) under the existing 23 NYCRR Part 500 (“Part 500” or “Cybersecurity Regulation”) framework. The Guidance applies to entities that are covered by Part 500 (i.e., entities with a license…
Debevoise & Plimpton LLP has been shortlisted for the Financial Times’ Innovative Lawyers North America awards in the “Innovation in New Services to Manage Risk” category. The firm was selected for its global and interdisciplinary Data Strategy and Security practice (DSS) and the approach taken by DSS to developing its people and their skills. As a result of this initiative, DSS is recognized…
Earlier this year, the U.S. Department of Housing and Urban Development (“HUD”) released an unannounced and immediately effective Cyber Incident Reporting Requirement (the “Original Requirements”) in Mortgagee Letter 2024-10, which imposed onerous requirements for Federal Housing Administration (“FHA”)-approved Mortgagees. These requirements included a 12-hour notification to HUD of even suspected incidents or incidents that violated policy. (We wrote about the…
On Thursday, October 17th, at 10:40-11:25 AM (ET), Robert Maddox will speak on a virtual panel entitled “Ransomware in Europe: Best Practices and Pitfalls for Corporates and Other Organizations.” To learn more about the conference please click here. To register for free, please click here and use the code DEBEVOISE24EU Incident Response Forum Europe 2024 is a unique, one-day conference that brings together…
As companies slowly ramp up the depth and breadth of their AI adoption, one of the most difficult challenges they face is managing third-party risk. Most companies contemplating AI adoption will look to third-party vendors to provide AI-enabled products or services for their businesses. Companies often struggle when deciding what diligence to perform for these vendors and how to mitigate…
In the UK, unannounced inspections of businesses’ premises, or “dawn raids”, are most often associated with authorities such as the Serious Fraud Office, National Crime Agency, Competition and Markets Authority and Metropolitan Police. However, data controllers and processers should be aware that the UK’s Information Commissioner’s Office (“ICO”) can also carry out dawn raids as part of investigations into compliance…
On September 23, 2024, the U.S. Department of Justice updated its guidance to federal prosecutors related to the “Evaluation of Corporate Compliance Programs” (the “ECCP”).[1] This revision, the first since March 2023, addresses how companies manage risks associated with new and emerging technology, including artificial intelligence, and expands on preexisting guidance regarding employee reporting channels, whistleblower protection, post-acquisition compliance integration,…
Our top-five European data protection developments from August are: Uber fined for personal data transfer: The Dutch Data Protection Authority fined Uber €290 million for the unlawful transfer of European drivers’ personal data to the U.S., following Uber’s move away from relying on the standard contractual clauses (“SCCs”) in 2021. Businesses may wish to assess their own cross-border data transfer…
On November 14-15, 2024, the University of Texas School of Law and McCombs School of Business will host a groundbreaking event limited to public company directors and C-suite executives — the Director-Executive Summit. Debevoise partner Erez Lieberman will be moderating the Cybersecurity panel, which is scheduled for the morning of Friday, November 15. To learn more about the event, please click here.…