The stakes are high for FemTech – as Benjamin Franklin noted: ‘it takes many good deeds to build a good reputation and only one bad one to lose it.’...more
Colorado recently enacted its Artificial Intelligence law, launching a new era of state AI laws. What do you need to know? •The bill is effective February 1, 2026 and enforceable by the Attorney General. •This is a...more
Introduction - Data protection is being driven by rapid technological advances and the increasing digitalization of society. Data protection legislation in Portugal is aligned with European Union law, in particular with...more
Challenges may arise when conducting an internal investigation related to an underlying disclosure by a whistleblower pursuant to the EU Directive, because companies must strictly comply with the GDPR. Failure to comply with...more
The highly anticipated EU Artificial Intelligence Act is finally here! With extra-territorial reach and wide-reaching ramifications for providers, deployers, and users of Artificial Intelligence (“AI”), the Artificial...more
In September 2023, the UK Online Safety Bill, which seeks to increase online safety and security, particularly child safety when using various online platforms, passed its final parliamentary debate. On October 26, the bill...more
WorldCoin is a cryptocurrency project which uses iris scanning technology to issue a “World ID” as a digital identifier. Privacy concerns over WorldCoin have been voiced by several data protection authorities worldwide....more
The very definition of generative AI suggests the creation of new content based on a program training on existing data, a recipe that necessarily raises potential U.S. and EU data privacy issues, not to mention related...more
In a letter to the National Telecommunications and Information Administration, attorneys generals from 21 states, the District of Columbia and the U.S. Virgin Islands recently weighed in on Artificial Intelligence...more
Organisations should expect increased scrutiny and enforcement activity around the role of data protection officers in the coming year. The European Data Protection Board (EDPB) has announced that its coordinated...more
The collection of personal data by organizations in the sports industry creates unique data privacy challenges. Generally, a business-to-consumer organization is focused on the personal data of its customers and separately...more
By 17 December 2021, EU Member States were required to transpose the EU Whistleblower Protection Directive into their national law. But what does this mean for multinational industries and organizations?...more
The UK government has recently published proposals to amend UK data protection legislation with moves towards divergence from EU rules and regulation following the UK’s decision to leave the EU (“Brexit”). The Data Protection...more
What can the California Privacy Protection Agency learn from the EU experience as it gets ready to draft regulations regarding DPIAs? Here is a recap of my remarks from the CPRA Regulations Stakeholder Session:...more
Many EU companies have their own ideas on what US Privacy laws mean for the, Here are three of the more common myths out there, busted. Myth 1: I don’t have physical presence in the US so the laws don’t apply to me....more
The Information Commissioner’s Office (ICO) recently released its response to the UK government consultation, ‘Data: A new direction’. The consultation was conducted by the Department for Digital, Culture, Media and Sport...more
Data Protection Commission Ireland has issued a report on the responses it received to its public consultation on its guidance on children’s rights. Of particular note is the careful consideration the commission gave the...more
The Information Commissioner’s position paper on the UK government’s proposal for a trusted digital identity system provides insight into the interplay between data protection and digital identity. Key Points- •Given...more
Earlier this year, the European Data Protection Board (“EDPB”) issued additional guidance on the application of the General Data Protection Regulation (“GDPR”) in the area of scientific health research. In key takeaways...more
Generally, contact tracing refers to an effort by public health officials to identify individuals with whom a patient who has tested positive for an infectious disease has been in close proximity. Public health officials will...more
In one of the world’s first test cases regarding the legality of the use of automated facial recognition and biometric technology, on 11 August 2020 the English Court of Appeal handed down judgment in R (Bridges) v CC South...more
In addition to the potential uses of contact-tracing apps, discussed recently in episode 1 of the Global Solutions series, most employers now conduct some form of employee screening or monitoring to help prevent the spread of...more
Following the outbreak of COVID-19, organizations have been implementing exceptional measures to maintain "business-as-usual" to the extent allowed by their particular circumstances and to protect their employees, customers...more
Following the outbreak of COVID-19 and its development into a global pandemic, organisations have been implementing exceptional measures to safeguard employees, customers and others against the health threat that is being...more
Q1/ Applicable legislation - (a) Have the requirements of the GDPR been addressed by introducing a new law, or by updating existing legislation? New legislation has been passed....more