Nota Bene Episode 135: Europe Q3 Check In: Brexit, Data Protection, and Block Exemption Regulations with Oliver Heinisch
E14: The Three Pillars of GDPR
E13: GDPR Wedding Day & Beyond
E12: GDPR Article 22 and Automated Decision Making
E8: Interview with Cookiebot CEO on Technical Solutions to GDPR Readiness
How to avoid a €20m fine. Meritas guide to the steps companies should take to comply with GDPR
Data Privacy Trouble Surrounding Google Street View Cars Presents Lesson for Smaller Companies
Companies deploying high-risk artificial intelligence (AI) systems must prepare to navigate a complex landscape of new obligations by August 2, 2026. In this post we explain the key obligations for providers and deployers of...more
On October 10, 2024, the EU Cyber Resilience Act ("CRA") was adopted by the Council of the European Union....more
Katten's Privacy, Data and Cybersecurity Quick Clicks is a monthly newsletter highlighting the latest news and legal developments involving privacy, data and cybersecurity issues across the globe....more
Image Alex Shandro It appears that the debate surrounding the UK’s Text and Data Mining (TDM) exception is about to reignite. TDM exceptions are key to assessing the legality of training generative AI models, and to...more
On 9 October 2024, the European Data Protection Board (EDPB) published its draft Guidelines on the processing of personal data based on legitimate interest for public consultation. The draft Guidelines, adopted on 8 October...more
This series of blogs rounds up some of the key data protection regulatory trends we have seen during 2024, focused on the EU and UK. 2024 has seen behavioural advertising and cookies continue to dominate the agenda of data...more
As cyberattacks become more sophisticated, cybersecurity remains a top concern for regulators, consumers, business partners, and investors. Weak security can cause substantial harm to a company and lead to litigation,...more
On 6 September 2024, the European Commission published a set of frequently asked questions (FAQs) on Regulation (EU) 2023/2854 on Harmonised Rules on Fair Access to and Use of Data (the Data Act). More detail can be found in...more
Exactly one year from now, on September 12, 2025, the EU Data Act will enter into application. This new regulation provides harmonized rules on data access, switching cloud providers, and interoperability requirements across...more
On 25 July 2024, the EU Commission published its second report on the application of the GDPR (the ‘Second Report’), following its first report published in 2020....more
On May 21, 2024, France adopted law No. 2024-449 to secure and regulate the digital space. This law grants new enforcement powers and authority to the French Data Protection Authority (CNIL), including to seize documents,...more
Mayer Brown Partners Ana Bruder, Justin Herring, and Oliver Yaros focus on cybersecurity risks and regulations in the EU and UK. They explore third-party risks, ransomware incidents, and the impact of AI, while examining how...more
Katten's Financial Markets and Funds Quick Take is a monthly newsletter highlighting key noteworthy developments potentially affecting financial markets and funds....more
The European Union (EU) has revised its Cybersecurity Directive (NIS2). The new rules will apply to a wide range of companies in many sectors, create new cybersecurity obligations, and impose high fines for noncompliance. EU...more
The European Union (EU)’s government organizations are just like any another entity trying to function in a world where global companies and even government entities are reliant on digital platforms for messaging and...more
On January 31, 2024, the European Commission (EC) adopted the first of a series of initiatives to harmonize cybersecurity certification across the EU: the European Cybersecurity Scheme on Common Criteria (EUCC). While EUCC...more
The EU Data Act came into force on January 11, 2024. The Data Act is part of the European Commission’s data strategy released in February 2020 and obliges manufacturers of connected products to make use-related data available...more
The Court of Justice of the European Union (CJEU) published the Advocate General's Opinion on whether the GDPR would restrict the sale of a database by court enforcement officers to satisfy creditor claims without the consent...more
Following the European Court of Justice’s (“ECJ”) landmark judgement of 5 December 2023 (case no. C-807/21), the Higher Regional Court of Berlin specified the requirements for GDPR fine notices issued by data protection...more
In this episode, Thomas Nietsch, a partner in our Berlin office, sits down with Jelena Kljujic (Privacy Officer at Cisco, EMEA) and Gabriela Mercuri (Managing Director at Scope Europe) to discuss strategies for ensuring...more
In the rapidly evolving digital landscape, the European Union’s Data Act (Data Act), adopted on November 27, 2023 marks a significant shift in data, privacy, and intellectual property regulation. The Data Act applies to...more
In 2023, the European Court of Justice (ECJ) clarified the limits of applicants’ right of access requests under Article 15 of the European Union’s General Data Protection Regulation (GDPR) in landmark decisions with...more