Over the past three years, we have observed many companies in a wide range of sectors adopt Artificial Intelligence (“AI”) applications for a host of promising use cases. In some instances, however, those efforts have ended up being less valuable than anticipated—and in a few cases, were abandoned altogether—because certain risks associated with adopting AI were not properly considered or…

On Tuesday, June 13, 2023 Eric Dinallo of the Insurance Regulatory Group and Avi Gesser and Stephanie Thomas of the Data Strategy & Security Group hosted an informative discussion on the revised regulations that were released on May 26, 2023 for the Colorado AI Insurance law. Topics included: Removal of many of the documentation requirements; Focus on external data; Limiting…

On May 10−12, 2023, the National Association of Attorneys General (the “NAAG”) held its Spring 2023 Consumer Protection Conference to discuss the intersection of consumer protection issues and technology. During the portion of the conference that was open to the public, panels featuring federal and state regulators, private legal practitioners, and industry experts discussed potential legal liabilities and consumer risks…

Key takeaways this May include: Facial recognition: Businesses, including those with no presence in the EEA, face continued challenges in establishing GDPR-compliant facial recognition technology after the French CNIL fined Clearview AI an additional € 5.2 million for failing to comply with its previous order against the company. GDPR individuals’ rights: Businesses should look to two new CJEU decisions on…

On Thursday, June 22 at 10:25 AM (EDT), Erez Liebermann will speak on a panel entitled Policies and priorities to strengthen resilience at the Financial Times Cyber Resilience Summit: Technology policies, legislative frameworks and digital diplomacy are at the forefront of efforts to build cyber resilience. Government agencies and regulatory bodies are under constant pressure to refine priorities and initiatives,…

Privacy and Data Protection, a leading UK journal on practical data protection compliance issues, has featured in its latest edition an article by Robert Maddox and Stephanie Thomas on the hallmarks of effective data protection by design and default under the EU and UK GDPR.  The article encourages organisations to consider incorporating principles of data protection by design and default…

Big businesses, especially those with a global footprint and operating in regulated sectors, are increasingly confronted with new and diverging cyber incident reporting requirements. A single incident—even a relatively minor one—may require notification to dozens of data protection, cyber, law enforcement, and sectoral regulators around the world, in addition to insurers, customers, and counterparties. Not only do many regulatory reporting…

On May 26, 2023, the Colorado Division of Insurance (the “DOI”) released its Revised Draft Algorithm and Predictive Model Governance Regulation (the “Revised Regulation”), amending its initial draft regulation (the “Initial Regulation”), which was released on February 1, 2023. The Revised Regulation imposes requirements on Colorado-licensed life insurance companies that use external consumer data and information sources (“ECDIS”), as well…

The IAPP’s “Profiles in Privacy” series features a monthly conversation with a notable privacy professional to discuss their journey in privacy, challenges and lessons learned along the way. IAPP’s Jennifer Bryant interviewed Matt Kelly on topics from changes in practice technology over the course of his legal career, to the importance of mentorship and professional relationships, to the reasons he…

On May 18, 2023 Debevoise & Plimpton hosted the Second Annual Cyber Counsel Conference. Peers on cyber legal teams gathered for a day of candid conversation, exclusive guests and lots of opportunities for networking. This year’s program brought together speakers from in-house, regulatory agencies and law enforcement: Eric Goldstein, the Deputy Director of CISA, opened the conference with a keynote…